Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-50152
Vulnerability from cvelistv5
Published
2024-11-07 09:31
Modified
2024-12-19 09:34
Severity ?
EPSS score ?
0.02%
(0.04276)
Summary
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix possible double free in smb2_set_ea()
Clang static checker(scan-build) warning:
fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.
1304 | kfree(ea);
| ^~~~~~~~~
There is a double free in such case:
'ea is initialized to NULL' -> 'first successful memory allocation for
ea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'
-> 'goto replay_again' -> 'second goto sea_exit before allocate memory
for ea' -> 'second memory release for ea resulted in double free'.
Re-initialie 'ea' to NULL near to the replay_again label, it can fix this
double free problem.
References
Impacted products
{ containers: { cna: { affected: [ { defaultStatus: "unaffected", product: "Linux", programFiles: [ "fs/smb/client/smb2ops.c", ], repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", vendor: "Linux", versions: [ { lessThan: "b1813c220b76f60b1727984794377c4aa849d4c1", status: "affected", version: "433042a91f9373241307725b52de573933ffedbf", versionType: "git", }, { lessThan: "c9f758ecf2562dfdd4adf12c22921b5de8366123", status: "affected", version: "4f1fffa2376922f3d1d506e49c0fd445b023a28e", versionType: "git", }, { lessThan: "19ebc1e6cab334a8193398d4152deb76019b5d34", status: "affected", version: "4f1fffa2376922f3d1d506e49c0fd445b023a28e", versionType: "git", }, ], }, { defaultStatus: "affected", product: "Linux", programFiles: [ "fs/smb/client/smb2ops.c", ], repo: "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", vendor: "Linux", versions: [ { status: "affected", version: "6.8", }, { lessThan: "6.8", status: "unaffected", version: "0", versionType: "semver", }, { lessThanOrEqual: "6.6.*", status: "unaffected", version: "6.6.59", versionType: "semver", }, { lessThanOrEqual: "6.11.*", status: "unaffected", version: "6.11.6", versionType: "semver", }, { lessThanOrEqual: "*", status: "unaffected", version: "6.12", versionType: "original_commit_for_fix", }, ], }, ], descriptions: [ { lang: "en", value: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n'ea is initialized to NULL' -> 'first successful memory allocation for\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\nfor ea' -> 'second memory release for ea resulted in double free'.\n\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\ndouble free problem.", }, ], providerMetadata: { dateUpdated: "2024-12-19T09:34:14.052Z", orgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", shortName: "Linux", }, references: [ { url: "https://git.kernel.org/stable/c/b1813c220b76f60b1727984794377c4aa849d4c1", }, { url: "https://git.kernel.org/stable/c/c9f758ecf2562dfdd4adf12c22921b5de8366123", }, { url: "https://git.kernel.org/stable/c/19ebc1e6cab334a8193398d4152deb76019b5d34", }, ], title: "smb: client: fix possible double free in smb2_set_ea()", x_generator: { engine: "bippy-5f407fcff5a0", }, }, }, cveMetadata: { assignerOrgId: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", assignerShortName: "Linux", cveId: "CVE-2024-50152", datePublished: "2024-11-07T09:31:28.733Z", dateReserved: "2024-10-21T19:36:19.959Z", dateUpdated: "2024-12-19T09:34:14.052Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2024-50152\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-07T10:15:06.850\",\"lastModified\":\"2024-11-19T02:16:17.787\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsmb: client: fix possible double free in smb2_set_ea()\\n\\nClang static checker(scan-build) warning:\\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\\n 1304 | kfree(ea);\\n | ^~~~~~~~~\\n\\nThere is a double free in such case:\\n'ea is initialized to NULL' -> 'first successful memory allocation for\\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\\nfor ea' -> 'second memory release for ea resulted in double free'.\\n\\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\\ndouble free problem.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: se corrige una posible doble liberación en smb2_set_ea() Advertencia del comprobador estático de Clang (scan-build): fs/smb/client/smb2ops.c:1304:2: Intento de liberar memoria liberada. 1304 | kfree(ea); | ^~~~~~~~~ Hay una doble liberación en tal caso: 'ea se inicializa a NULL' -> 'primera asignación de memoria exitosa para ea' -> 'algo falló, goto sea_exit' -> 'primera liberación de memoria para ea' -> 'goto replay_again' -> 'segundo goto sea_exit antes de asignar memoria para ea' -> 'la segunda liberación de memoria para ea resultó en una doble liberación'. Reinicialice 'ea' a NULL cerca de la etiqueta replay_again, puede solucionar este problema de doble liberación.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6.32\",\"versionEndExcluding\":\"6.6.59\",\"matchCriteriaId\":\"15752D93-7E64-45C3-AA2D-6A544F5E615F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.8\",\"versionEndExcluding\":\"6.11.6\",\"matchCriteriaId\":\"2CAA29A6-36B4-4C90-A862-A816F65153DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/19ebc1e6cab334a8193398d4152deb76019b5d34\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b1813c220b76f60b1727984794377c4aa849d4c1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c9f758ecf2562dfdd4adf12c22921b5de8366123\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}", }, }
WID-SEC-W-2024-3368
Vulnerability from csaf_certbund
Published
2024-11-06 23:00
Modified
2025-01-19 23:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen unspezifischen Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen unspezifischen Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3368 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3368.json", }, { category: "self", summary: "WID-SEC-2024-3368 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3368", }, { category: "external", summary: "Kernel CVE Announce Mailingliste", url: "https://lore.kernel.org/linux-cve-announce/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50139", url: "https://lore.kernel.org/linux-cve-announce/2024110740-CVE-2024-50139-9ac6@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50140", url: "https://lore.kernel.org/linux-cve-announce/2024110742-CVE-2024-50140-2371@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50141", url: "https://lore.kernel.org/linux-cve-announce/2024110742-CVE-2024-50141-a773@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50142", url: "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50142-e0dc@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50143", url: "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50143-4678@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50144", url: "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50144-973b@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50145", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50145-10b6@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50146", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50146-964d@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50147", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50147-d5b6@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50148", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50148-b75c@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50149", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50149-8ac4@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50150", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50150-0254@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50151", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50151-f52b@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50152", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50152-535e@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50153", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50153-ecf2@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50154", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50154-0259@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50159", url: "https://lore.kernel.org/linux-cve-announce/2024110747-CVE-2024-50159-3dec@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50170", url: "https://lore.kernel.org/linux-cve-announce/2024110749-CVE-2024-50170-05db@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50171", url: "https://lore.kernel.org/linux-cve-announce/2024110749-CVE-2024-50171-38cb@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50172", url: "https://lore.kernel.org/linux-cve-announce/2024110749-CVE-2024-50172-6cd4@gregkh/", }, { category: "external", summary: "openSUSE Security Update OPENSUSE-SU-2024:14500-1 vom 2024-11-16", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2NO44GTYBSPPWKFDREFWHITK4XKTNVLP/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10944 vom 2024-12-11", url: "https://access.redhat.com/errata/RHSA-2024:10944", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10943 vom 2024-12-11", url: "https://access.redhat.com/errata/RHSA-2024:10943", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-10943 vom 2024-12-12", url: "https://linux.oracle.com/errata/ELSA-2024-10943.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4316-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S4I5Z6ALCJLHTP25U3HMJHEXN4DR2USM/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4317-1 vom 2024-12-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020000.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4315-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LQPWDP54GSTHYCV4CTCOE67D2ANVPPUW/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4314-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SARXL66CQHD5VSFG5PUBNBVBPVFUN4KT/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4313-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PCO2TL4OCZ4YUXTF7OMLI6WH3WKDUC2G/", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-12884 vom 2024-12-17", url: "https://linux.oracle.com/errata/ELSA-2024-12884.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4367-1 vom 2024-12-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020025.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4364-1 vom 2024-12-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020019.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4345-1 vom 2024-12-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020018.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4346-1 vom 2024-12-17", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2FJJW5HEWYSYWAJBRWARBIZ4AQHAXLNG/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020028.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-12887 vom 2024-12-18", url: "https://linux.oracle.com/errata/ELSA-2024-12887.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:11486 vom 2024-12-19", url: "https://access.redhat.com/errata/RHSA-2024:11486", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:10944 vom 2024-12-19", url: "https://errata.build.resf.org/RLSA-2024:10944", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4387-1 vom 2024-12-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020032.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4388-1 vom 2024-12-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020034.html", }, { category: "external", summary: "Debian Security Advisory DLA-4008 vom 2025-01-03", url: "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-11486 vom 2025-01-07", url: "https://linux.oracle.com/errata/ELSA-2024-11486.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0035-1 vom 2025-01-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020070.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0117-1 vom 2025-01-15", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020131.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0154-1 vom 2025-01-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020151.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0153-1 vom 2025-01-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020150.html", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-19T23:00:00.000+00:00", generator: { date: "2025-01-20T09:18:52.748+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3368", initial_release_date: "2024-11-06T23:00:00.000+00:00", revision_history: [ { date: "2024-11-06T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-17T23:00:00.000+00:00", number: "2", summary: "Neue Updates von openSUSE aufgenommen", }, { date: "2024-12-10T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-12T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-12-15T23:00:00.000+00:00", number: "5", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-12-16T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-12-17T23:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-12-18T23:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE, Oracle Linux, Red Hat und Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-12-19T23:00:00.000+00:00", number: "9", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2025-01-02T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Debian aufgenommen", }, { date: "2025-01-06T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2025-01-08T23:00:00.000+00:00", number: "12", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2025-01-15T23:00:00.000+00:00", number: "13", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2025-01-19T23:00:00.000+00:00", number: "14", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "14", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "T008144", product_identification_helper: { cpe: "cpe:/a:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "RESF Rocky Linux", product: { name: "RESF Rocky Linux", product_id: "T032255", product_identification_helper: { cpe: "cpe:/o:resf:rocky_linux:-", }, }, }, ], category: "vendor", name: "RESF", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, { category: "product_name", name: "SUSE openSUSE", product: { name: "SUSE openSUSE", product_id: "T027843", product_identification_helper: { cpe: "cpe:/o:suse:opensuse:-", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2024-50139", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50139", }, { cve: "CVE-2024-50140", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50140", }, { cve: "CVE-2024-50141", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50141", }, { cve: "CVE-2024-50142", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50142", }, { cve: "CVE-2024-50143", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50143", }, { cve: "CVE-2024-50144", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50144", }, { cve: "CVE-2024-50145", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50145", }, { cve: "CVE-2024-50146", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50146", }, { cve: "CVE-2024-50147", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50147", }, { cve: "CVE-2024-50148", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50148", }, { cve: "CVE-2024-50149", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50149", }, { cve: "CVE-2024-50150", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50150", }, { cve: "CVE-2024-50151", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50151", }, { cve: "CVE-2024-50152", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50152", }, { cve: "CVE-2024-50153", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50153", }, { cve: "CVE-2024-50154", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50154", }, { cve: "CVE-2024-50159", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50159", }, { cve: "CVE-2024-50170", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50170", }, { cve: "CVE-2024-50171", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50171", }, { cve: "CVE-2024-50172", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50172", }, ], }
wid-sec-w-2024-3368
Vulnerability from csaf_certbund
Published
2024-11-06 23:00
Modified
2025-01-19 23:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen unspezifischen Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen unspezifischen Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-3368 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3368.json", }, { category: "self", summary: "WID-SEC-2024-3368 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3368", }, { category: "external", summary: "Kernel CVE Announce Mailingliste", url: "https://lore.kernel.org/linux-cve-announce/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50139", url: "https://lore.kernel.org/linux-cve-announce/2024110740-CVE-2024-50139-9ac6@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50140", url: "https://lore.kernel.org/linux-cve-announce/2024110742-CVE-2024-50140-2371@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50141", url: "https://lore.kernel.org/linux-cve-announce/2024110742-CVE-2024-50141-a773@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50142", url: "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50142-e0dc@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50143", url: "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50143-4678@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50144", url: "https://lore.kernel.org/linux-cve-announce/2024110743-CVE-2024-50144-973b@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50145", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50145-10b6@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50146", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50146-964d@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50147", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50147-d5b6@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50148", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50148-b75c@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50149", url: "https://lore.kernel.org/linux-cve-announce/2024110744-CVE-2024-50149-8ac4@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50150", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50150-0254@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50151", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50151-f52b@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50152", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50152-535e@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50153", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50153-ecf2@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50154", url: "https://lore.kernel.org/linux-cve-announce/2024110745-CVE-2024-50154-0259@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50159", url: "https://lore.kernel.org/linux-cve-announce/2024110747-CVE-2024-50159-3dec@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50170", url: "https://lore.kernel.org/linux-cve-announce/2024110749-CVE-2024-50170-05db@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50171", url: "https://lore.kernel.org/linux-cve-announce/2024110749-CVE-2024-50171-38cb@gregkh/", }, { category: "external", summary: "Linux Kernel CVE Announcement CVE-2024-50172", url: "https://lore.kernel.org/linux-cve-announce/2024110749-CVE-2024-50172-6cd4@gregkh/", }, { category: "external", summary: "openSUSE Security Update OPENSUSE-SU-2024:14500-1 vom 2024-11-16", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2NO44GTYBSPPWKFDREFWHITK4XKTNVLP/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10944 vom 2024-12-11", url: "https://access.redhat.com/errata/RHSA-2024:10944", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10943 vom 2024-12-11", url: "https://access.redhat.com/errata/RHSA-2024:10943", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-10943 vom 2024-12-12", url: "https://linux.oracle.com/errata/ELSA-2024-10943.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4318-1 vom 2024-12-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/019999.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4316-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/S4I5Z6ALCJLHTP25U3HMJHEXN4DR2USM/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4317-1 vom 2024-12-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020000.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4315-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LQPWDP54GSTHYCV4CTCOE67D2ANVPPUW/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4314-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SARXL66CQHD5VSFG5PUBNBVBPVFUN4KT/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4313-1 vom 2024-12-13", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PCO2TL4OCZ4YUXTF7OMLI6WH3WKDUC2G/", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-12884 vom 2024-12-17", url: "https://linux.oracle.com/errata/ELSA-2024-12884.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4367-1 vom 2024-12-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020025.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4364-1 vom 2024-12-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020019.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4345-1 vom 2024-12-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020018.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4346-1 vom 2024-12-17", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2FJJW5HEWYSYWAJBRWARBIZ4AQHAXLNG/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020028.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-12887 vom 2024-12-18", url: "https://linux.oracle.com/errata/ELSA-2024-12887.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:11486 vom 2024-12-19", url: "https://access.redhat.com/errata/RHSA-2024:11486", }, { category: "external", summary: "Rocky Linux Security Advisory RLSA-2024:10944 vom 2024-12-19", url: "https://errata.build.resf.org/RLSA-2024:10944", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4376-1 vom 2024-12-18", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WFOJHFFEHK42VPQ6XLZWB77H5OEJ3FF4/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4387-1 vom 2024-12-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020032.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:4388-1 vom 2024-12-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020034.html", }, { category: "external", summary: "Debian Security Advisory DLA-4008 vom 2025-01-03", url: "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-11486 vom 2025-01-07", url: "https://linux.oracle.com/errata/ELSA-2024-11486.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0035-1 vom 2025-01-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020070.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0117-1 vom 2025-01-15", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020131.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0154-1 vom 2025-01-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020151.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2025:0153-1 vom 2025-01-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020150.html", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-19T23:00:00.000+00:00", generator: { date: "2025-01-20T09:18:52.748+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-3368", initial_release_date: "2024-11-06T23:00:00.000+00:00", revision_history: [ { date: "2024-11-06T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-17T23:00:00.000+00:00", number: "2", summary: "Neue Updates von openSUSE aufgenommen", }, { date: "2024-12-10T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-12T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-12-15T23:00:00.000+00:00", number: "5", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-12-16T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2024-12-17T23:00:00.000+00:00", number: "7", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-12-18T23:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE, Oracle Linux, Red Hat und Rocky Enterprise Software Foundation aufgenommen", }, { date: "2024-12-19T23:00:00.000+00:00", number: "9", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2025-01-02T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Debian aufgenommen", }, { date: "2025-01-06T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2025-01-08T23:00:00.000+00:00", number: "12", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2025-01-15T23:00:00.000+00:00", number: "13", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2025-01-19T23:00:00.000+00:00", number: "14", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "14", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "T008144", product_identification_helper: { cpe: "cpe:/a:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "RESF Rocky Linux", product: { name: "RESF Rocky Linux", product_id: "T032255", product_identification_helper: { cpe: "cpe:/o:resf:rocky_linux:-", }, }, }, ], category: "vendor", name: "RESF", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, { category: "product_name", name: "SUSE openSUSE", product: { name: "SUSE openSUSE", product_id: "T027843", product_identification_helper: { cpe: "cpe:/o:suse:opensuse:-", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2024-50139", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50139", }, { cve: "CVE-2024-50140", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50140", }, { cve: "CVE-2024-50141", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50141", }, { cve: "CVE-2024-50142", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50142", }, { cve: "CVE-2024-50143", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50143", }, { cve: "CVE-2024-50144", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50144", }, { cve: "CVE-2024-50145", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50145", }, { cve: "CVE-2024-50146", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50146", }, { cve: "CVE-2024-50147", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50147", }, { cve: "CVE-2024-50148", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50148", }, { cve: "CVE-2024-50149", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50149", }, { cve: "CVE-2024-50150", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50150", }, { cve: "CVE-2024-50151", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50151", }, { cve: "CVE-2024-50152", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50152", }, { cve: "CVE-2024-50153", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50153", }, { cve: "CVE-2024-50154", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50154", }, { cve: "CVE-2024-50159", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50159", }, { cve: "CVE-2024-50170", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50170", }, { cve: "CVE-2024-50171", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50171", }, { cve: "CVE-2024-50172", notes: [ { category: "description", text: "Im Linux-Kernel bestehen mehrere Schwachstellen. Diese Fehler bestehen in mehreren Subsystemen und Komponenten wie KVM, smb oder drm/xe, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer Use-after-free-, einer Race-Condition oder einer NULL-Pointer-Dereferenz und mehr. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen, die möglicherweise zu einem Denial-of-Service-Zustand führen.", }, ], product_status: { known_affected: [ "2951", "T002207", "67646", "T027843", "T004914", "T032255", "T008144", ], }, release_date: "2024-11-06T23:00:00.000+00:00", title: "CVE-2024-50172", }, ], }
fkie_cve-2024-50152
Vulnerability from fkie_nvd
Published
2024-11-07 10:15
Modified
2024-11-19 02:16
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix possible double free in smb2_set_ea()
Clang static checker(scan-build) warning:
fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.
1304 | kfree(ea);
| ^~~~~~~~~
There is a double free in such case:
'ea is initialized to NULL' -> 'first successful memory allocation for
ea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'
-> 'goto replay_again' -> 'second goto sea_exit before allocate memory
for ea' -> 'second memory release for ea resulted in double free'.
Re-initialie 'ea' to NULL near to the replay_again label, it can fix this
double free problem.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 6.12 | |
| linux | linux_kernel | 6.12 | |
| linux | linux_kernel | 6.12 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "15752D93-7E64-45C3-AA2D-6A544F5E615F", versionEndExcluding: "6.6.59", versionStartIncluding: "6.6.32", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "2CAA29A6-36B4-4C90-A862-A816F65153DB", versionEndExcluding: "6.11.6", versionStartIncluding: "6.8", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", matchCriteriaId: "7F361E1D-580F-4A2D-A509-7615F73167A1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", matchCriteriaId: "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", matchCriteriaId: "3C95E234-D335-4B6C-96BF-E2CEBD8654ED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n'ea is initialized to NULL' -> 'first successful memory allocation for\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\nfor ea' -> 'second memory release for ea resulted in double free'.\n\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\ndouble free problem.", }, { lang: "es", value: "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: se corrige una posible doble liberación en smb2_set_ea() Advertencia del comprobador estático de Clang (scan-build): fs/smb/client/smb2ops.c:1304:2: Intento de liberar memoria liberada. 1304 | kfree(ea); | ^~~~~~~~~ Hay una doble liberación en tal caso: 'ea se inicializa a NULL' -> 'primera asignación de memoria exitosa para ea' -> 'algo falló, goto sea_exit' -> 'primera liberación de memoria para ea' -> 'goto replay_again' -> 'segundo goto sea_exit antes de asignar memoria para ea' -> 'la segunda liberación de memoria para ea resultó en una doble liberación'. Reinicialice 'ea' a NULL cerca de la etiqueta replay_again, puede solucionar este problema de doble liberación.", }, ], id: "CVE-2024-50152", lastModified: "2024-11-19T02:16:17.787", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-11-07T10:15:06.850", references: [ { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", tags: [ "Patch", ], url: "https://git.kernel.org/stable/c/19ebc1e6cab334a8193398d4152deb76019b5d34", }, { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", tags: [ "Patch", ], url: "https://git.kernel.org/stable/c/b1813c220b76f60b1727984794377c4aa849d4c1", }, { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", tags: [ "Patch", ], url: "https://git.kernel.org/stable/c/c9f758ecf2562dfdd4adf12c22921b5de8366123", }, ], sourceIdentifier: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-415", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
opensuse-su-2024:14500-1
Vulnerability from csaf_opensuse
Published
2024-11-15 00:00
Modified
2024-11-15 00:00
Summary
kernel-devel-6.11.8-1.1 on GA media
Notes
Title of the patch
kernel-devel-6.11.8-1.1 on GA media
Description of the patch
These are all security issues fixed in the kernel-devel-6.11.8-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14500
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "kernel-devel-6.11.8-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the kernel-devel-6.11.8-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-14500", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14500-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2024:14500-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2NO44GTYBSPPWKFDREFWHITK4XKTNVLP/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2024:14500-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2NO44GTYBSPPWKFDREFWHITK4XKTNVLP/", }, { category: "self", summary: "SUSE CVE CVE-2023-52917 page", url: "https://www.suse.com/security/cve/CVE-2023-52917/", }, { category: "self", summary: "SUSE CVE CVE-2024-46869 page", url: "https://www.suse.com/security/cve/CVE-2024-46869/", }, { category: "self", summary: "SUSE CVE CVE-2024-47671 page", url: "https://www.suse.com/security/cve/CVE-2024-47671/", }, { category: "self", summary: "SUSE CVE CVE-2024-47675 page", url: "https://www.suse.com/security/cve/CVE-2024-47675/", }, { category: "self", summary: "SUSE CVE CVE-2024-47676 page", url: "https://www.suse.com/security/cve/CVE-2024-47676/", }, { category: "self", summary: "SUSE CVE CVE-2024-47677 page", url: "https://www.suse.com/security/cve/CVE-2024-47677/", }, { category: "self", summary: "SUSE CVE CVE-2024-47678 page", url: "https://www.suse.com/security/cve/CVE-2024-47678/", }, { category: "self", summary: "SUSE CVE CVE-2024-47679 page", url: "https://www.suse.com/security/cve/CVE-2024-47679/", }, { category: "self", summary: "SUSE CVE CVE-2024-47680 page", url: "https://www.suse.com/security/cve/CVE-2024-47680/", }, { category: "self", summary: "SUSE CVE CVE-2024-47681 page", url: "https://www.suse.com/security/cve/CVE-2024-47681/", }, { category: "self", summary: "SUSE CVE CVE-2024-47682 page", url: "https://www.suse.com/security/cve/CVE-2024-47682/", }, { category: "self", summary: "SUSE CVE CVE-2024-47683 page", url: "https://www.suse.com/security/cve/CVE-2024-47683/", }, { category: "self", summary: "SUSE CVE CVE-2024-47684 page", url: "https://www.suse.com/security/cve/CVE-2024-47684/", }, { category: "self", summary: "SUSE CVE CVE-2024-47685 page", url: "https://www.suse.com/security/cve/CVE-2024-47685/", }, { category: "self", summary: "SUSE CVE CVE-2024-47686 page", url: "https://www.suse.com/security/cve/CVE-2024-47686/", }, { category: "self", summary: "SUSE CVE CVE-2024-47687 page", url: "https://www.suse.com/security/cve/CVE-2024-47687/", }, { category: "self", summary: "SUSE CVE CVE-2024-47688 page", url: "https://www.suse.com/security/cve/CVE-2024-47688/", }, { category: "self", summary: "SUSE CVE CVE-2024-47689 page", url: "https://www.suse.com/security/cve/CVE-2024-47689/", }, { category: "self", summary: "SUSE CVE CVE-2024-47690 page", url: "https://www.suse.com/security/cve/CVE-2024-47690/", }, { category: "self", summary: "SUSE CVE CVE-2024-47691 page", url: "https://www.suse.com/security/cve/CVE-2024-47691/", }, { category: "self", summary: "SUSE CVE CVE-2024-47692 page", url: "https://www.suse.com/security/cve/CVE-2024-47692/", }, { category: "self", summary: "SUSE CVE CVE-2024-47693 page", url: "https://www.suse.com/security/cve/CVE-2024-47693/", }, { category: "self", summary: "SUSE CVE CVE-2024-47694 page", url: "https://www.suse.com/security/cve/CVE-2024-47694/", }, { category: "self", summary: "SUSE CVE CVE-2024-47695 page", url: "https://www.suse.com/security/cve/CVE-2024-47695/", }, { category: "self", summary: "SUSE CVE CVE-2024-47696 page", url: "https://www.suse.com/security/cve/CVE-2024-47696/", }, { category: "self", summary: "SUSE CVE CVE-2024-47697 page", url: "https://www.suse.com/security/cve/CVE-2024-47697/", }, { category: "self", summary: "SUSE CVE CVE-2024-47698 page", url: "https://www.suse.com/security/cve/CVE-2024-47698/", }, { category: "self", summary: "SUSE CVE CVE-2024-47699 page", url: "https://www.suse.com/security/cve/CVE-2024-47699/", }, { category: "self", summary: "SUSE CVE CVE-2024-47700 page", url: "https://www.suse.com/security/cve/CVE-2024-47700/", }, { category: "self", summary: "SUSE CVE CVE-2024-47701 page", url: "https://www.suse.com/security/cve/CVE-2024-47701/", }, { category: "self", summary: "SUSE CVE CVE-2024-47702 page", url: "https://www.suse.com/security/cve/CVE-2024-47702/", }, { category: "self", summary: "SUSE CVE CVE-2024-47703 page", url: "https://www.suse.com/security/cve/CVE-2024-47703/", }, { category: "self", summary: "SUSE CVE CVE-2024-47704 page", url: "https://www.suse.com/security/cve/CVE-2024-47704/", }, { category: "self", summary: "SUSE CVE CVE-2024-47705 page", url: "https://www.suse.com/security/cve/CVE-2024-47705/", }, { category: "self", summary: "SUSE CVE CVE-2024-47706 page", url: "https://www.suse.com/security/cve/CVE-2024-47706/", }, { category: "self", summary: "SUSE CVE CVE-2024-47707 page", url: "https://www.suse.com/security/cve/CVE-2024-47707/", }, { category: "self", summary: "SUSE CVE CVE-2024-47708 page", url: "https://www.suse.com/security/cve/CVE-2024-47708/", }, { category: "self", summary: "SUSE CVE CVE-2024-47709 page", url: "https://www.suse.com/security/cve/CVE-2024-47709/", }, { category: "self", summary: "SUSE CVE CVE-2024-47710 page", url: "https://www.suse.com/security/cve/CVE-2024-47710/", }, { category: "self", summary: "SUSE CVE CVE-2024-47711 page", url: "https://www.suse.com/security/cve/CVE-2024-47711/", }, { category: "self", summary: "SUSE CVE CVE-2024-47712 page", url: "https://www.suse.com/security/cve/CVE-2024-47712/", }, { category: "self", summary: "SUSE CVE CVE-2024-47713 page", url: "https://www.suse.com/security/cve/CVE-2024-47713/", }, { category: "self", summary: "SUSE CVE CVE-2024-47714 page", url: "https://www.suse.com/security/cve/CVE-2024-47714/", }, { category: "self", summary: "SUSE CVE CVE-2024-47715 page", url: "https://www.suse.com/security/cve/CVE-2024-47715/", }, { category: "self", summary: "SUSE CVE CVE-2024-47716 page", url: "https://www.suse.com/security/cve/CVE-2024-47716/", }, { category: "self", summary: "SUSE CVE CVE-2024-47717 page", url: "https://www.suse.com/security/cve/CVE-2024-47717/", }, { category: "self", summary: "SUSE CVE CVE-2024-47718 page", url: "https://www.suse.com/security/cve/CVE-2024-47718/", }, { category: "self", summary: "SUSE CVE CVE-2024-47719 page", url: "https://www.suse.com/security/cve/CVE-2024-47719/", }, { category: "self", summary: "SUSE CVE CVE-2024-47720 page", url: "https://www.suse.com/security/cve/CVE-2024-47720/", }, { category: "self", summary: "SUSE CVE CVE-2024-47721 page", url: "https://www.suse.com/security/cve/CVE-2024-47721/", }, { category: "self", summary: "SUSE CVE CVE-2024-47723 page", url: "https://www.suse.com/security/cve/CVE-2024-47723/", }, { category: "self", summary: "SUSE CVE CVE-2024-47724 page", url: "https://www.suse.com/security/cve/CVE-2024-47724/", }, { category: "self", summary: "SUSE CVE CVE-2024-47726 page", url: "https://www.suse.com/security/cve/CVE-2024-47726/", }, { category: "self", summary: "SUSE CVE CVE-2024-47727 page", url: "https://www.suse.com/security/cve/CVE-2024-47727/", }, { category: "self", summary: "SUSE CVE CVE-2024-47728 page", url: "https://www.suse.com/security/cve/CVE-2024-47728/", }, { category: "self", summary: "SUSE CVE CVE-2024-47729 page", url: "https://www.suse.com/security/cve/CVE-2024-47729/", }, { category: "self", summary: "SUSE CVE CVE-2024-47730 page", url: "https://www.suse.com/security/cve/CVE-2024-47730/", }, { category: "self", summary: "SUSE CVE CVE-2024-47731 page", url: "https://www.suse.com/security/cve/CVE-2024-47731/", }, { category: "self", summary: "SUSE CVE CVE-2024-47732 page", url: "https://www.suse.com/security/cve/CVE-2024-47732/", }, { category: "self", summary: "SUSE CVE CVE-2024-47733 page", url: "https://www.suse.com/security/cve/CVE-2024-47733/", }, { category: "self", summary: "SUSE CVE CVE-2024-47734 page", url: "https://www.suse.com/security/cve/CVE-2024-47734/", }, { category: "self", summary: "SUSE CVE CVE-2024-47735 page", url: "https://www.suse.com/security/cve/CVE-2024-47735/", }, { category: "self", summary: "SUSE CVE CVE-2024-47736 page", url: "https://www.suse.com/security/cve/CVE-2024-47736/", }, { category: "self", summary: "SUSE CVE CVE-2024-47737 page", url: "https://www.suse.com/security/cve/CVE-2024-47737/", }, { category: "self", summary: "SUSE CVE CVE-2024-47738 page", url: "https://www.suse.com/security/cve/CVE-2024-47738/", }, { category: "self", summary: "SUSE CVE CVE-2024-47739 page", url: "https://www.suse.com/security/cve/CVE-2024-47739/", }, { category: "self", summary: "SUSE CVE CVE-2024-47740 page", url: "https://www.suse.com/security/cve/CVE-2024-47740/", }, { category: "self", summary: "SUSE CVE CVE-2024-47741 page", url: "https://www.suse.com/security/cve/CVE-2024-47741/", }, { category: "self", summary: "SUSE CVE CVE-2024-47742 page", url: "https://www.suse.com/security/cve/CVE-2024-47742/", }, { category: "self", summary: "SUSE CVE CVE-2024-47743 page", url: "https://www.suse.com/security/cve/CVE-2024-47743/", }, { category: "self", summary: "SUSE CVE CVE-2024-47744 page", url: "https://www.suse.com/security/cve/CVE-2024-47744/", }, { category: "self", summary: "SUSE CVE CVE-2024-47745 page", url: "https://www.suse.com/security/cve/CVE-2024-47745/", }, { category: "self", summary: "SUSE CVE CVE-2024-47746 page", url: "https://www.suse.com/security/cve/CVE-2024-47746/", }, { category: "self", summary: "SUSE CVE CVE-2024-47747 page", url: "https://www.suse.com/security/cve/CVE-2024-47747/", }, { category: "self", summary: "SUSE CVE CVE-2024-47748 page", url: "https://www.suse.com/security/cve/CVE-2024-47748/", }, { category: "self", summary: "SUSE CVE CVE-2024-47749 page", url: "https://www.suse.com/security/cve/CVE-2024-47749/", }, { category: "self", summary: "SUSE CVE CVE-2024-47750 page", url: "https://www.suse.com/security/cve/CVE-2024-47750/", }, { category: "self", summary: "SUSE CVE CVE-2024-47751 page", url: "https://www.suse.com/security/cve/CVE-2024-47751/", }, { category: "self", summary: "SUSE CVE CVE-2024-47752 page", url: "https://www.suse.com/security/cve/CVE-2024-47752/", }, { category: "self", summary: "SUSE CVE CVE-2024-47753 page", url: "https://www.suse.com/security/cve/CVE-2024-47753/", }, { category: "self", summary: "SUSE CVE CVE-2024-47754 page", url: "https://www.suse.com/security/cve/CVE-2024-47754/", }, { category: "self", summary: "SUSE CVE CVE-2024-47756 page", url: "https://www.suse.com/security/cve/CVE-2024-47756/", }, { category: "self", summary: "SUSE CVE CVE-2024-47757 page", url: "https://www.suse.com/security/cve/CVE-2024-47757/", }, { category: "self", summary: "SUSE CVE CVE-2024-49850 page", url: "https://www.suse.com/security/cve/CVE-2024-49850/", }, { category: "self", summary: "SUSE CVE CVE-2024-49851 page", url: "https://www.suse.com/security/cve/CVE-2024-49851/", }, { category: "self", summary: "SUSE CVE CVE-2024-49852 page", url: "https://www.suse.com/security/cve/CVE-2024-49852/", }, { category: "self", summary: "SUSE CVE CVE-2024-49853 page", url: "https://www.suse.com/security/cve/CVE-2024-49853/", }, { category: "self", summary: "SUSE CVE CVE-2024-49854 page", url: "https://www.suse.com/security/cve/CVE-2024-49854/", }, { category: "self", summary: "SUSE CVE CVE-2024-49855 page", url: "https://www.suse.com/security/cve/CVE-2024-49855/", }, { category: "self", summary: "SUSE CVE CVE-2024-49856 page", url: "https://www.suse.com/security/cve/CVE-2024-49856/", }, { category: "self", summary: "SUSE CVE CVE-2024-49857 page", url: "https://www.suse.com/security/cve/CVE-2024-49857/", }, { category: "self", summary: "SUSE CVE CVE-2024-49858 page", url: "https://www.suse.com/security/cve/CVE-2024-49858/", }, { category: "self", summary: "SUSE CVE CVE-2024-49859 page", url: "https://www.suse.com/security/cve/CVE-2024-49859/", }, { category: "self", summary: "SUSE CVE CVE-2024-49860 page", url: "https://www.suse.com/security/cve/CVE-2024-49860/", }, { category: "self", summary: "SUSE CVE CVE-2024-49861 page", url: "https://www.suse.com/security/cve/CVE-2024-49861/", }, { category: "self", summary: "SUSE CVE CVE-2024-49862 page", url: "https://www.suse.com/security/cve/CVE-2024-49862/", }, { category: "self", summary: "SUSE CVE CVE-2024-49863 page", url: "https://www.suse.com/security/cve/CVE-2024-49863/", }, { category: "self", summary: "SUSE CVE CVE-2024-49864 page", url: "https://www.suse.com/security/cve/CVE-2024-49864/", }, { category: "self", summary: "SUSE CVE CVE-2024-49865 page", url: "https://www.suse.com/security/cve/CVE-2024-49865/", }, { category: "self", summary: "SUSE CVE CVE-2024-49866 page", url: "https://www.suse.com/security/cve/CVE-2024-49866/", }, { category: "self", summary: "SUSE CVE CVE-2024-49867 page", url: "https://www.suse.com/security/cve/CVE-2024-49867/", }, { category: "self", summary: "SUSE CVE CVE-2024-49868 page", url: "https://www.suse.com/security/cve/CVE-2024-49868/", }, { category: "self", summary: "SUSE CVE CVE-2024-49869 page", url: "https://www.suse.com/security/cve/CVE-2024-49869/", }, { category: "self", summary: "SUSE CVE CVE-2024-49870 page", url: "https://www.suse.com/security/cve/CVE-2024-49870/", }, { category: "self", summary: "SUSE CVE CVE-2024-49871 page", url: "https://www.suse.com/security/cve/CVE-2024-49871/", }, { category: "self", summary: "SUSE CVE CVE-2024-49872 page", url: "https://www.suse.com/security/cve/CVE-2024-49872/", }, { category: "self", summary: "SUSE CVE CVE-2024-49873 page", url: "https://www.suse.com/security/cve/CVE-2024-49873/", }, { category: "self", summary: "SUSE CVE CVE-2024-49874 page", url: "https://www.suse.com/security/cve/CVE-2024-49874/", }, { category: "self", summary: "SUSE CVE CVE-2024-49875 page", url: "https://www.suse.com/security/cve/CVE-2024-49875/", }, { category: "self", summary: "SUSE CVE CVE-2024-49876 page", url: "https://www.suse.com/security/cve/CVE-2024-49876/", }, { category: "self", summary: "SUSE CVE CVE-2024-49877 page", url: "https://www.suse.com/security/cve/CVE-2024-49877/", }, { category: "self", summary: "SUSE CVE CVE-2024-49878 page", url: "https://www.suse.com/security/cve/CVE-2024-49878/", }, { category: "self", summary: "SUSE CVE CVE-2024-49879 page", url: "https://www.suse.com/security/cve/CVE-2024-49879/", }, { category: "self", summary: "SUSE CVE CVE-2024-49880 page", url: "https://www.suse.com/security/cve/CVE-2024-49880/", }, { category: "self", summary: "SUSE CVE CVE-2024-49881 page", url: "https://www.suse.com/security/cve/CVE-2024-49881/", }, { category: "self", summary: "SUSE CVE CVE-2024-49882 page", url: "https://www.suse.com/security/cve/CVE-2024-49882/", }, { category: "self", summary: "SUSE CVE CVE-2024-49883 page", url: "https://www.suse.com/security/cve/CVE-2024-49883/", }, { category: "self", summary: "SUSE CVE CVE-2024-49884 page", url: "https://www.suse.com/security/cve/CVE-2024-49884/", }, { category: "self", summary: "SUSE CVE CVE-2024-49885 page", url: "https://www.suse.com/security/cve/CVE-2024-49885/", }, { category: "self", summary: "SUSE CVE CVE-2024-49886 page", url: "https://www.suse.com/security/cve/CVE-2024-49886/", }, { category: "self", summary: "SUSE CVE CVE-2024-49887 page", url: "https://www.suse.com/security/cve/CVE-2024-49887/", }, { category: "self", summary: "SUSE CVE CVE-2024-49888 page", url: "https://www.suse.com/security/cve/CVE-2024-49888/", }, { category: "self", summary: "SUSE CVE CVE-2024-49889 page", url: "https://www.suse.com/security/cve/CVE-2024-49889/", }, { category: "self", summary: "SUSE CVE CVE-2024-49890 page", url: "https://www.suse.com/security/cve/CVE-2024-49890/", }, { category: "self", summary: "SUSE CVE CVE-2024-49891 page", url: "https://www.suse.com/security/cve/CVE-2024-49891/", }, { category: "self", summary: "SUSE CVE CVE-2024-49892 page", url: "https://www.suse.com/security/cve/CVE-2024-49892/", }, { category: "self", summary: "SUSE CVE CVE-2024-49893 page", url: "https://www.suse.com/security/cve/CVE-2024-49893/", }, { category: "self", summary: "SUSE CVE CVE-2024-49894 page", url: "https://www.suse.com/security/cve/CVE-2024-49894/", }, { category: "self", summary: "SUSE CVE CVE-2024-49895 page", url: "https://www.suse.com/security/cve/CVE-2024-49895/", }, { category: "self", summary: "SUSE CVE CVE-2024-49896 page", url: "https://www.suse.com/security/cve/CVE-2024-49896/", }, { category: "self", summary: "SUSE CVE CVE-2024-49897 page", url: "https://www.suse.com/security/cve/CVE-2024-49897/", }, { category: "self", summary: "SUSE CVE CVE-2024-49898 page", url: "https://www.suse.com/security/cve/CVE-2024-49898/", }, { category: "self", summary: "SUSE CVE CVE-2024-49899 page", url: "https://www.suse.com/security/cve/CVE-2024-49899/", }, { category: "self", summary: "SUSE CVE CVE-2024-49900 page", url: "https://www.suse.com/security/cve/CVE-2024-49900/", }, { category: "self", summary: "SUSE CVE CVE-2024-49901 page", url: "https://www.suse.com/security/cve/CVE-2024-49901/", }, { category: "self", summary: "SUSE CVE CVE-2024-49902 page", url: "https://www.suse.com/security/cve/CVE-2024-49902/", }, { category: "self", summary: "SUSE CVE CVE-2024-49903 page", url: "https://www.suse.com/security/cve/CVE-2024-49903/", }, { category: "self", summary: "SUSE CVE CVE-2024-49904 page", url: "https://www.suse.com/security/cve/CVE-2024-49904/", }, { category: "self", summary: "SUSE CVE CVE-2024-49905 page", url: "https://www.suse.com/security/cve/CVE-2024-49905/", }, { category: "self", summary: "SUSE CVE CVE-2024-49906 page", url: "https://www.suse.com/security/cve/CVE-2024-49906/", }, { category: "self", summary: "SUSE CVE CVE-2024-49907 page", url: "https://www.suse.com/security/cve/CVE-2024-49907/", }, { category: "self", summary: "SUSE CVE CVE-2024-49908 page", url: "https://www.suse.com/security/cve/CVE-2024-49908/", }, { category: "self", summary: "SUSE CVE CVE-2024-49909 page", url: "https://www.suse.com/security/cve/CVE-2024-49909/", }, { category: "self", summary: "SUSE CVE CVE-2024-49910 page", url: "https://www.suse.com/security/cve/CVE-2024-49910/", }, { category: "self", summary: "SUSE CVE CVE-2024-49911 page", url: "https://www.suse.com/security/cve/CVE-2024-49911/", }, { category: "self", summary: "SUSE CVE CVE-2024-49912 page", url: "https://www.suse.com/security/cve/CVE-2024-49912/", }, { category: "self", summary: "SUSE CVE CVE-2024-49913 page", url: "https://www.suse.com/security/cve/CVE-2024-49913/", }, { category: "self", summary: "SUSE CVE CVE-2024-49914 page", url: "https://www.suse.com/security/cve/CVE-2024-49914/", }, { category: "self", summary: "SUSE CVE CVE-2024-49915 page", url: "https://www.suse.com/security/cve/CVE-2024-49915/", }, { category: "self", summary: "SUSE CVE CVE-2024-49916 page", url: "https://www.suse.com/security/cve/CVE-2024-49916/", }, { category: "self", summary: "SUSE CVE CVE-2024-49917 page", url: "https://www.suse.com/security/cve/CVE-2024-49917/", }, { category: "self", summary: "SUSE CVE CVE-2024-49918 page", url: "https://www.suse.com/security/cve/CVE-2024-49918/", }, { category: "self", summary: "SUSE CVE CVE-2024-49919 page", url: "https://www.suse.com/security/cve/CVE-2024-49919/", }, { category: "self", summary: "SUSE CVE CVE-2024-49920 page", url: "https://www.suse.com/security/cve/CVE-2024-49920/", }, { category: "self", summary: "SUSE CVE CVE-2024-49921 page", url: "https://www.suse.com/security/cve/CVE-2024-49921/", }, { category: "self", summary: "SUSE CVE CVE-2024-49922 page", url: "https://www.suse.com/security/cve/CVE-2024-49922/", }, { category: "self", summary: "SUSE CVE CVE-2024-49923 page", url: "https://www.suse.com/security/cve/CVE-2024-49923/", }, { category: "self", summary: "SUSE CVE CVE-2024-49924 page", url: "https://www.suse.com/security/cve/CVE-2024-49924/", }, { category: "self", summary: "SUSE CVE CVE-2024-49925 page", url: "https://www.suse.com/security/cve/CVE-2024-49925/", }, { category: "self", summary: "SUSE CVE CVE-2024-49926 page", url: "https://www.suse.com/security/cve/CVE-2024-49926/", }, { category: "self", summary: "SUSE CVE CVE-2024-49927 page", url: "https://www.suse.com/security/cve/CVE-2024-49927/", }, { category: "self", summary: "SUSE CVE CVE-2024-49928 page", url: "https://www.suse.com/security/cve/CVE-2024-49928/", }, { category: "self", summary: "SUSE CVE CVE-2024-49929 page", url: "https://www.suse.com/security/cve/CVE-2024-49929/", }, { category: "self", summary: "SUSE CVE CVE-2024-49930 page", url: "https://www.suse.com/security/cve/CVE-2024-49930/", }, { category: "self", summary: "SUSE CVE CVE-2024-49931 page", url: "https://www.suse.com/security/cve/CVE-2024-49931/", }, { category: "self", summary: "SUSE CVE CVE-2024-49932 page", url: "https://www.suse.com/security/cve/CVE-2024-49932/", }, { category: "self", summary: "SUSE CVE CVE-2024-49933 page", url: "https://www.suse.com/security/cve/CVE-2024-49933/", }, { category: "self", summary: "SUSE CVE CVE-2024-49934 page", url: "https://www.suse.com/security/cve/CVE-2024-49934/", }, { category: "self", summary: "SUSE CVE CVE-2024-49935 page", url: "https://www.suse.com/security/cve/CVE-2024-49935/", }, { category: "self", summary: "SUSE CVE CVE-2024-49936 page", url: "https://www.suse.com/security/cve/CVE-2024-49936/", }, { category: "self", summary: "SUSE CVE CVE-2024-49937 page", url: "https://www.suse.com/security/cve/CVE-2024-49937/", }, { category: "self", summary: "SUSE CVE CVE-2024-49938 page", url: "https://www.suse.com/security/cve/CVE-2024-49938/", }, { category: "self", summary: "SUSE CVE CVE-2024-49939 page", url: "https://www.suse.com/security/cve/CVE-2024-49939/", }, { category: "self", summary: "SUSE CVE CVE-2024-49940 page", url: "https://www.suse.com/security/cve/CVE-2024-49940/", }, { category: "self", summary: "SUSE CVE CVE-2024-49941 page", url: "https://www.suse.com/security/cve/CVE-2024-49941/", }, { category: "self", summary: "SUSE CVE CVE-2024-49942 page", url: "https://www.suse.com/security/cve/CVE-2024-49942/", }, { category: "self", summary: "SUSE CVE CVE-2024-49943 page", url: "https://www.suse.com/security/cve/CVE-2024-49943/", }, { category: "self", summary: "SUSE CVE CVE-2024-49944 page", url: "https://www.suse.com/security/cve/CVE-2024-49944/", }, { category: "self", summary: "SUSE CVE CVE-2024-49945 page", url: "https://www.suse.com/security/cve/CVE-2024-49945/", }, { category: "self", summary: "SUSE CVE CVE-2024-49946 page", url: "https://www.suse.com/security/cve/CVE-2024-49946/", }, { category: "self", summary: "SUSE CVE CVE-2024-49947 page", url: "https://www.suse.com/security/cve/CVE-2024-49947/", }, { category: "self", summary: "SUSE CVE CVE-2024-49948 page", url: "https://www.suse.com/security/cve/CVE-2024-49948/", }, { category: "self", summary: "SUSE CVE CVE-2024-49949 page", url: "https://www.suse.com/security/cve/CVE-2024-49949/", }, { category: "self", summary: "SUSE CVE CVE-2024-49950 page", url: "https://www.suse.com/security/cve/CVE-2024-49950/", }, { category: "self", summary: "SUSE CVE CVE-2024-49951 page", url: "https://www.suse.com/security/cve/CVE-2024-49951/", }, { category: "self", summary: "SUSE CVE CVE-2024-49952 page", url: "https://www.suse.com/security/cve/CVE-2024-49952/", }, { category: "self", summary: "SUSE CVE CVE-2024-49953 page", url: "https://www.suse.com/security/cve/CVE-2024-49953/", }, { category: "self", summary: "SUSE CVE CVE-2024-49954 page", url: "https://www.suse.com/security/cve/CVE-2024-49954/", }, { category: "self", summary: "SUSE CVE CVE-2024-49955 page", url: "https://www.suse.com/security/cve/CVE-2024-49955/", }, { category: "self", summary: "SUSE CVE CVE-2024-49956 page", url: "https://www.suse.com/security/cve/CVE-2024-49956/", }, { category: "self", summary: "SUSE CVE CVE-2024-49957 page", url: "https://www.suse.com/security/cve/CVE-2024-49957/", }, { category: "self", summary: "SUSE CVE CVE-2024-49958 page", url: "https://www.suse.com/security/cve/CVE-2024-49958/", }, { category: "self", summary: "SUSE CVE CVE-2024-49959 page", url: "https://www.suse.com/security/cve/CVE-2024-49959/", }, { category: "self", summary: "SUSE CVE CVE-2024-49960 page", url: "https://www.suse.com/security/cve/CVE-2024-49960/", }, { category: "self", summary: "SUSE CVE CVE-2024-49961 page", url: "https://www.suse.com/security/cve/CVE-2024-49961/", }, { category: "self", summary: "SUSE CVE CVE-2024-49962 page", url: "https://www.suse.com/security/cve/CVE-2024-49962/", }, { category: "self", summary: "SUSE CVE CVE-2024-49963 page", url: "https://www.suse.com/security/cve/CVE-2024-49963/", }, { category: "self", summary: "SUSE CVE CVE-2024-49964 page", url: "https://www.suse.com/security/cve/CVE-2024-49964/", }, { category: "self", summary: "SUSE CVE CVE-2024-49965 page", url: "https://www.suse.com/security/cve/CVE-2024-49965/", }, { category: "self", summary: "SUSE CVE CVE-2024-49966 page", url: "https://www.suse.com/security/cve/CVE-2024-49966/", }, { category: "self", summary: "SUSE CVE CVE-2024-49967 page", url: "https://www.suse.com/security/cve/CVE-2024-49967/", }, { category: "self", summary: "SUSE CVE CVE-2024-49968 page", url: "https://www.suse.com/security/cve/CVE-2024-49968/", }, { category: "self", summary: "SUSE CVE CVE-2024-49969 page", url: "https://www.suse.com/security/cve/CVE-2024-49969/", }, { category: "self", summary: "SUSE CVE CVE-2024-49970 page", url: "https://www.suse.com/security/cve/CVE-2024-49970/", }, { category: "self", summary: "SUSE CVE CVE-2024-49971 page", url: "https://www.suse.com/security/cve/CVE-2024-49971/", }, { category: "self", summary: "SUSE CVE CVE-2024-49972 page", url: "https://www.suse.com/security/cve/CVE-2024-49972/", }, { category: "self", summary: "SUSE CVE CVE-2024-49973 page", url: "https://www.suse.com/security/cve/CVE-2024-49973/", }, { category: "self", summary: "SUSE CVE CVE-2024-49974 page", url: "https://www.suse.com/security/cve/CVE-2024-49974/", }, { category: "self", summary: "SUSE CVE CVE-2024-49975 page", url: "https://www.suse.com/security/cve/CVE-2024-49975/", }, { category: "self", summary: "SUSE CVE CVE-2024-49976 page", url: "https://www.suse.com/security/cve/CVE-2024-49976/", }, { category: "self", summary: "SUSE CVE CVE-2024-49977 page", url: "https://www.suse.com/security/cve/CVE-2024-49977/", }, { category: "self", summary: "SUSE CVE CVE-2024-49978 page", url: "https://www.suse.com/security/cve/CVE-2024-49978/", }, { category: "self", summary: "SUSE CVE CVE-2024-49979 page", url: "https://www.suse.com/security/cve/CVE-2024-49979/", }, { category: "self", summary: "SUSE CVE CVE-2024-49980 page", url: "https://www.suse.com/security/cve/CVE-2024-49980/", }, { category: "self", summary: "SUSE CVE CVE-2024-49981 page", url: "https://www.suse.com/security/cve/CVE-2024-49981/", }, { category: "self", summary: "SUSE CVE CVE-2024-49982 page", url: "https://www.suse.com/security/cve/CVE-2024-49982/", }, { category: "self", summary: "SUSE CVE CVE-2024-49983 page", url: "https://www.suse.com/security/cve/CVE-2024-49983/", }, { category: "self", summary: "SUSE CVE CVE-2024-49984 page", url: "https://www.suse.com/security/cve/CVE-2024-49984/", }, { category: "self", summary: "SUSE CVE CVE-2024-49985 page", url: "https://www.suse.com/security/cve/CVE-2024-49985/", }, { category: "self", summary: "SUSE CVE CVE-2024-49986 page", url: "https://www.suse.com/security/cve/CVE-2024-49986/", }, { category: "self", summary: "SUSE CVE CVE-2024-49987 page", url: "https://www.suse.com/security/cve/CVE-2024-49987/", }, { category: "self", summary: "SUSE CVE CVE-2024-49988 page", url: "https://www.suse.com/security/cve/CVE-2024-49988/", }, { category: "self", summary: "SUSE CVE CVE-2024-49989 page", url: "https://www.suse.com/security/cve/CVE-2024-49989/", }, { category: "self", summary: "SUSE CVE CVE-2024-49990 page", url: "https://www.suse.com/security/cve/CVE-2024-49990/", }, { category: "self", summary: "SUSE CVE CVE-2024-49991 page", url: "https://www.suse.com/security/cve/CVE-2024-49991/", }, { category: "self", summary: "SUSE CVE CVE-2024-49992 page", url: "https://www.suse.com/security/cve/CVE-2024-49992/", }, { category: "self", summary: "SUSE CVE CVE-2024-49994 page", url: "https://www.suse.com/security/cve/CVE-2024-49994/", }, { category: "self", summary: "SUSE CVE CVE-2024-49995 page", url: "https://www.suse.com/security/cve/CVE-2024-49995/", }, { category: "self", summary: "SUSE CVE CVE-2024-49996 page", url: "https://www.suse.com/security/cve/CVE-2024-49996/", }, { category: "self", summary: "SUSE CVE CVE-2024-49997 page", url: "https://www.suse.com/security/cve/CVE-2024-49997/", }, { category: "self", summary: "SUSE CVE CVE-2024-49998 page", url: "https://www.suse.com/security/cve/CVE-2024-49998/", }, { category: "self", summary: "SUSE CVE CVE-2024-49999 page", url: "https://www.suse.com/security/cve/CVE-2024-49999/", }, { category: "self", summary: "SUSE CVE CVE-2024-50000 page", url: "https://www.suse.com/security/cve/CVE-2024-50000/", }, { category: "self", summary: "SUSE CVE CVE-2024-50001 page", url: "https://www.suse.com/security/cve/CVE-2024-50001/", }, { category: "self", summary: "SUSE CVE CVE-2024-50002 page", url: "https://www.suse.com/security/cve/CVE-2024-50002/", }, { category: "self", summary: "SUSE CVE CVE-2024-50003 page", url: "https://www.suse.com/security/cve/CVE-2024-50003/", }, { category: "self", summary: "SUSE CVE CVE-2024-50004 page", url: "https://www.suse.com/security/cve/CVE-2024-50004/", }, { category: "self", summary: "SUSE CVE CVE-2024-50005 page", url: "https://www.suse.com/security/cve/CVE-2024-50005/", }, { category: "self", summary: "SUSE CVE CVE-2024-50006 page", url: "https://www.suse.com/security/cve/CVE-2024-50006/", }, { category: "self", summary: "SUSE CVE CVE-2024-50007 page", url: "https://www.suse.com/security/cve/CVE-2024-50007/", }, { category: "self", summary: "SUSE CVE CVE-2024-50008 page", url: "https://www.suse.com/security/cve/CVE-2024-50008/", }, { category: "self", summary: "SUSE CVE CVE-2024-50009 page", url: "https://www.suse.com/security/cve/CVE-2024-50009/", }, { category: "self", summary: "SUSE CVE CVE-2024-50010 page", url: "https://www.suse.com/security/cve/CVE-2024-50010/", }, { category: "self", summary: "SUSE CVE CVE-2024-50011 page", url: "https://www.suse.com/security/cve/CVE-2024-50011/", }, { category: "self", summary: "SUSE CVE CVE-2024-50012 page", url: "https://www.suse.com/security/cve/CVE-2024-50012/", }, { category: "self", summary: "SUSE CVE CVE-2024-50013 page", url: "https://www.suse.com/security/cve/CVE-2024-50013/", }, { category: "self", summary: "SUSE CVE CVE-2024-50014 page", url: "https://www.suse.com/security/cve/CVE-2024-50014/", }, { category: "self", summary: "SUSE CVE CVE-2024-50015 page", url: "https://www.suse.com/security/cve/CVE-2024-50015/", }, { category: "self", summary: "SUSE CVE CVE-2024-50016 page", url: "https://www.suse.com/security/cve/CVE-2024-50016/", }, { category: "self", summary: "SUSE CVE CVE-2024-50017 page", url: "https://www.suse.com/security/cve/CVE-2024-50017/", }, { category: "self", summary: "SUSE CVE CVE-2024-50018 page", url: "https://www.suse.com/security/cve/CVE-2024-50018/", }, { category: "self", summary: "SUSE CVE CVE-2024-50019 page", url: "https://www.suse.com/security/cve/CVE-2024-50019/", }, { category: "self", summary: "SUSE CVE CVE-2024-50020 page", url: "https://www.suse.com/security/cve/CVE-2024-50020/", }, { category: "self", summary: "SUSE CVE CVE-2024-50021 page", url: "https://www.suse.com/security/cve/CVE-2024-50021/", }, { category: "self", summary: "SUSE CVE CVE-2024-50022 page", url: "https://www.suse.com/security/cve/CVE-2024-50022/", }, { category: "self", summary: "SUSE CVE CVE-2024-50023 page", url: "https://www.suse.com/security/cve/CVE-2024-50023/", }, { category: "self", summary: "SUSE CVE CVE-2024-50024 page", url: "https://www.suse.com/security/cve/CVE-2024-50024/", }, { category: "self", summary: "SUSE CVE CVE-2024-50025 page", url: "https://www.suse.com/security/cve/CVE-2024-50025/", }, { category: "self", summary: "SUSE CVE CVE-2024-50026 page", url: "https://www.suse.com/security/cve/CVE-2024-50026/", }, { category: "self", summary: "SUSE CVE CVE-2024-50027 page", url: "https://www.suse.com/security/cve/CVE-2024-50027/", }, { category: "self", summary: "SUSE CVE CVE-2024-50028 page", url: "https://www.suse.com/security/cve/CVE-2024-50028/", }, { category: "self", summary: "SUSE CVE CVE-2024-50029 page", url: "https://www.suse.com/security/cve/CVE-2024-50029/", }, { category: "self", summary: "SUSE CVE CVE-2024-50030 page", url: "https://www.suse.com/security/cve/CVE-2024-50030/", }, { category: "self", summary: "SUSE CVE CVE-2024-50031 page", url: "https://www.suse.com/security/cve/CVE-2024-50031/", }, { category: "self", summary: "SUSE CVE CVE-2024-50032 page", url: "https://www.suse.com/security/cve/CVE-2024-50032/", }, { category: "self", summary: "SUSE CVE CVE-2024-50033 page", url: "https://www.suse.com/security/cve/CVE-2024-50033/", }, { category: "self", summary: "SUSE CVE CVE-2024-50034 page", url: "https://www.suse.com/security/cve/CVE-2024-50034/", }, { category: "self", summary: "SUSE CVE CVE-2024-50035 page", url: "https://www.suse.com/security/cve/CVE-2024-50035/", }, { category: "self", summary: "SUSE CVE CVE-2024-50036 page", url: "https://www.suse.com/security/cve/CVE-2024-50036/", }, { category: "self", summary: "SUSE CVE CVE-2024-50037 page", url: "https://www.suse.com/security/cve/CVE-2024-50037/", }, { category: "self", summary: "SUSE CVE CVE-2024-50038 page", url: "https://www.suse.com/security/cve/CVE-2024-50038/", }, { category: "self", summary: "SUSE CVE CVE-2024-50039 page", url: "https://www.suse.com/security/cve/CVE-2024-50039/", }, { category: "self", summary: "SUSE CVE CVE-2024-50040 page", url: "https://www.suse.com/security/cve/CVE-2024-50040/", }, { category: "self", summary: "SUSE CVE CVE-2024-50041 page", url: "https://www.suse.com/security/cve/CVE-2024-50041/", }, { category: "self", summary: "SUSE CVE CVE-2024-50042 page", url: "https://www.suse.com/security/cve/CVE-2024-50042/", }, { category: "self", summary: "SUSE CVE CVE-2024-50043 page", url: "https://www.suse.com/security/cve/CVE-2024-50043/", }, { category: "self", summary: "SUSE CVE CVE-2024-50044 page", url: "https://www.suse.com/security/cve/CVE-2024-50044/", }, { category: "self", summary: "SUSE CVE CVE-2024-50045 page", url: "https://www.suse.com/security/cve/CVE-2024-50045/", }, { category: "self", summary: "SUSE CVE CVE-2024-50046 page", url: "https://www.suse.com/security/cve/CVE-2024-50046/", }, { category: "self", summary: "SUSE CVE CVE-2024-50047 page", url: "https://www.suse.com/security/cve/CVE-2024-50047/", }, { category: "self", summary: "SUSE CVE CVE-2024-50048 page", url: "https://www.suse.com/security/cve/CVE-2024-50048/", }, { category: "self", summary: "SUSE CVE CVE-2024-50049 page", url: "https://www.suse.com/security/cve/CVE-2024-50049/", }, { category: "self", summary: "SUSE CVE CVE-2024-50055 page", url: "https://www.suse.com/security/cve/CVE-2024-50055/", }, { category: "self", summary: "SUSE CVE CVE-2024-50056 page", url: "https://www.suse.com/security/cve/CVE-2024-50056/", }, { category: "self", summary: "SUSE CVE CVE-2024-50057 page", url: "https://www.suse.com/security/cve/CVE-2024-50057/", }, { category: "self", summary: "SUSE CVE CVE-2024-50058 page", url: "https://www.suse.com/security/cve/CVE-2024-50058/", }, { category: "self", summary: "SUSE CVE CVE-2024-50059 page", url: "https://www.suse.com/security/cve/CVE-2024-50059/", }, { category: "self", summary: "SUSE CVE CVE-2024-50060 page", url: "https://www.suse.com/security/cve/CVE-2024-50060/", }, { category: "self", summary: "SUSE CVE CVE-2024-50061 page", url: "https://www.suse.com/security/cve/CVE-2024-50061/", }, { category: "self", summary: "SUSE CVE CVE-2024-50062 page", url: "https://www.suse.com/security/cve/CVE-2024-50062/", }, { category: "self", summary: "SUSE CVE CVE-2024-50063 page", url: "https://www.suse.com/security/cve/CVE-2024-50063/", }, { category: "self", summary: "SUSE CVE CVE-2024-50064 page", url: "https://www.suse.com/security/cve/CVE-2024-50064/", }, { category: "self", summary: "SUSE CVE CVE-2024-50065 page", url: "https://www.suse.com/security/cve/CVE-2024-50065/", }, { category: "self", summary: "SUSE CVE CVE-2024-50066 page", url: "https://www.suse.com/security/cve/CVE-2024-50066/", }, { category: "self", summary: "SUSE CVE CVE-2024-50067 page", url: "https://www.suse.com/security/cve/CVE-2024-50067/", }, { category: "self", summary: "SUSE CVE CVE-2024-50068 page", url: "https://www.suse.com/security/cve/CVE-2024-50068/", }, { category: "self", summary: "SUSE CVE CVE-2024-50069 page", url: "https://www.suse.com/security/cve/CVE-2024-50069/", }, { category: "self", summary: "SUSE CVE CVE-2024-50070 page", url: "https://www.suse.com/security/cve/CVE-2024-50070/", }, { category: "self", summary: "SUSE CVE CVE-2024-50071 page", url: "https://www.suse.com/security/cve/CVE-2024-50071/", }, { category: "self", summary: "SUSE CVE CVE-2024-50072 page", url: "https://www.suse.com/security/cve/CVE-2024-50072/", }, { category: "self", summary: "SUSE CVE CVE-2024-50073 page", url: "https://www.suse.com/security/cve/CVE-2024-50073/", }, { category: "self", summary: "SUSE CVE CVE-2024-50074 page", url: "https://www.suse.com/security/cve/CVE-2024-50074/", }, { category: "self", summary: "SUSE CVE CVE-2024-50075 page", url: "https://www.suse.com/security/cve/CVE-2024-50075/", }, { category: "self", summary: "SUSE CVE CVE-2024-50076 page", url: "https://www.suse.com/security/cve/CVE-2024-50076/", }, { category: "self", summary: "SUSE CVE CVE-2024-50077 page", url: "https://www.suse.com/security/cve/CVE-2024-50077/", }, { category: "self", summary: "SUSE CVE CVE-2024-50078 page", url: "https://www.suse.com/security/cve/CVE-2024-50078/", }, { category: "self", summary: "SUSE CVE CVE-2024-50079 page", url: "https://www.suse.com/security/cve/CVE-2024-50079/", }, { category: "self", summary: "SUSE CVE CVE-2024-50080 page", url: "https://www.suse.com/security/cve/CVE-2024-50080/", }, { category: "self", summary: "SUSE CVE CVE-2024-50081 page", url: "https://www.suse.com/security/cve/CVE-2024-50081/", }, { category: "self", summary: "SUSE CVE CVE-2024-50082 page", url: "https://www.suse.com/security/cve/CVE-2024-50082/", }, { category: "self", summary: "SUSE CVE CVE-2024-50083 page", url: "https://www.suse.com/security/cve/CVE-2024-50083/", }, { category: "self", summary: "SUSE CVE CVE-2024-50084 page", url: "https://www.suse.com/security/cve/CVE-2024-50084/", }, { category: "self", summary: "SUSE CVE CVE-2024-50085 page", url: "https://www.suse.com/security/cve/CVE-2024-50085/", }, { category: "self", summary: "SUSE CVE CVE-2024-50086 page", url: "https://www.suse.com/security/cve/CVE-2024-50086/", }, { category: "self", summary: "SUSE CVE CVE-2024-50087 page", url: "https://www.suse.com/security/cve/CVE-2024-50087/", }, { category: "self", summary: "SUSE CVE CVE-2024-50088 page", url: "https://www.suse.com/security/cve/CVE-2024-50088/", }, { category: "self", summary: "SUSE CVE CVE-2024-50089 page", url: "https://www.suse.com/security/cve/CVE-2024-50089/", }, { category: "self", summary: "SUSE CVE CVE-2024-50090 page", url: "https://www.suse.com/security/cve/CVE-2024-50090/", }, { category: "self", summary: "SUSE CVE CVE-2024-50091 page", url: "https://www.suse.com/security/cve/CVE-2024-50091/", }, { category: "self", summary: "SUSE CVE CVE-2024-50092 page", url: "https://www.suse.com/security/cve/CVE-2024-50092/", }, { category: "self", summary: "SUSE CVE CVE-2024-50093 page", url: "https://www.suse.com/security/cve/CVE-2024-50093/", }, { category: "self", summary: "SUSE CVE CVE-2024-50094 page", url: "https://www.suse.com/security/cve/CVE-2024-50094/", }, { category: "self", summary: "SUSE CVE CVE-2024-50095 page", url: "https://www.suse.com/security/cve/CVE-2024-50095/", }, { category: "self", summary: "SUSE CVE CVE-2024-50096 page", url: "https://www.suse.com/security/cve/CVE-2024-50096/", }, { category: "self", summary: "SUSE CVE CVE-2024-50097 page", url: "https://www.suse.com/security/cve/CVE-2024-50097/", }, { category: "self", summary: "SUSE CVE CVE-2024-50098 page", url: "https://www.suse.com/security/cve/CVE-2024-50098/", }, { category: "self", summary: "SUSE CVE CVE-2024-50099 page", url: "https://www.suse.com/security/cve/CVE-2024-50099/", }, { category: "self", summary: "SUSE CVE CVE-2024-50100 page", url: "https://www.suse.com/security/cve/CVE-2024-50100/", }, { category: "self", summary: "SUSE CVE CVE-2024-50101 page", url: "https://www.suse.com/security/cve/CVE-2024-50101/", }, { category: "self", summary: "SUSE CVE CVE-2024-50102 page", url: "https://www.suse.com/security/cve/CVE-2024-50102/", }, { category: "self", summary: "SUSE CVE CVE-2024-50103 page", url: "https://www.suse.com/security/cve/CVE-2024-50103/", }, { category: "self", summary: "SUSE CVE CVE-2024-50104 page", url: "https://www.suse.com/security/cve/CVE-2024-50104/", }, { category: "self", summary: "SUSE CVE CVE-2024-50105 page", url: "https://www.suse.com/security/cve/CVE-2024-50105/", }, { category: "self", summary: "SUSE CVE CVE-2024-50106 page", url: "https://www.suse.com/security/cve/CVE-2024-50106/", }, { category: "self", summary: "SUSE CVE CVE-2024-50107 page", url: "https://www.suse.com/security/cve/CVE-2024-50107/", }, { category: "self", summary: "SUSE CVE CVE-2024-50108 page", url: "https://www.suse.com/security/cve/CVE-2024-50108/", }, { category: "self", summary: "SUSE CVE CVE-2024-50109 page", url: "https://www.suse.com/security/cve/CVE-2024-50109/", }, { category: "self", summary: "SUSE CVE CVE-2024-50110 page", url: "https://www.suse.com/security/cve/CVE-2024-50110/", }, { category: "self", summary: "SUSE CVE CVE-2024-50111 page", url: "https://www.suse.com/security/cve/CVE-2024-50111/", }, { category: "self", summary: "SUSE CVE CVE-2024-50112 page", url: "https://www.suse.com/security/cve/CVE-2024-50112/", }, { category: "self", summary: "SUSE CVE CVE-2024-50113 page", url: "https://www.suse.com/security/cve/CVE-2024-50113/", }, { category: "self", summary: "SUSE CVE CVE-2024-50114 page", url: "https://www.suse.com/security/cve/CVE-2024-50114/", }, { category: "self", summary: "SUSE CVE CVE-2024-50115 page", url: "https://www.suse.com/security/cve/CVE-2024-50115/", }, { category: "self", summary: "SUSE CVE CVE-2024-50116 page", url: "https://www.suse.com/security/cve/CVE-2024-50116/", }, { category: "self", summary: "SUSE CVE CVE-2024-50117 page", url: "https://www.suse.com/security/cve/CVE-2024-50117/", }, { category: "self", summary: "SUSE CVE CVE-2024-50118 page", url: "https://www.suse.com/security/cve/CVE-2024-50118/", }, { category: "self", summary: "SUSE CVE CVE-2024-50119 page", url: "https://www.suse.com/security/cve/CVE-2024-50119/", }, { category: "self", summary: "SUSE CVE CVE-2024-50120 page", url: "https://www.suse.com/security/cve/CVE-2024-50120/", }, { category: "self", summary: "SUSE CVE CVE-2024-50121 page", url: "https://www.suse.com/security/cve/CVE-2024-50121/", }, { category: "self", summary: "SUSE CVE CVE-2024-50122 page", url: "https://www.suse.com/security/cve/CVE-2024-50122/", }, { category: "self", summary: "SUSE CVE CVE-2024-50123 page", url: "https://www.suse.com/security/cve/CVE-2024-50123/", }, { category: "self", summary: "SUSE CVE CVE-2024-50124 page", url: "https://www.suse.com/security/cve/CVE-2024-50124/", }, { category: "self", summary: "SUSE CVE CVE-2024-50125 page", url: "https://www.suse.com/security/cve/CVE-2024-50125/", }, { category: "self", summary: "SUSE CVE CVE-2024-50126 page", url: "https://www.suse.com/security/cve/CVE-2024-50126/", }, { category: "self", summary: "SUSE CVE CVE-2024-50127 page", url: "https://www.suse.com/security/cve/CVE-2024-50127/", }, { category: "self", summary: "SUSE CVE CVE-2024-50128 page", url: "https://www.suse.com/security/cve/CVE-2024-50128/", }, { category: "self", summary: "SUSE CVE CVE-2024-50129 page", url: "https://www.suse.com/security/cve/CVE-2024-50129/", }, { category: "self", summary: "SUSE CVE CVE-2024-50130 page", url: "https://www.suse.com/security/cve/CVE-2024-50130/", }, { category: "self", summary: "SUSE CVE CVE-2024-50131 page", url: "https://www.suse.com/security/cve/CVE-2024-50131/", }, { category: "self", summary: "SUSE CVE CVE-2024-50132 page", url: "https://www.suse.com/security/cve/CVE-2024-50132/", }, { category: "self", summary: "SUSE CVE CVE-2024-50133 page", url: "https://www.suse.com/security/cve/CVE-2024-50133/", }, { category: "self", summary: "SUSE CVE CVE-2024-50134 page", url: "https://www.suse.com/security/cve/CVE-2024-50134/", }, { category: "self", summary: "SUSE CVE CVE-2024-50135 page", url: "https://www.suse.com/security/cve/CVE-2024-50135/", }, { category: "self", summary: "SUSE CVE CVE-2024-50136 page", url: "https://www.suse.com/security/cve/CVE-2024-50136/", }, { category: "self", summary: "SUSE CVE CVE-2024-50137 page", url: "https://www.suse.com/security/cve/CVE-2024-50137/", }, { category: "self", summary: "SUSE CVE CVE-2024-50138 page", url: "https://www.suse.com/security/cve/CVE-2024-50138/", }, { category: "self", summary: "SUSE CVE CVE-2024-50139 page", url: "https://www.suse.com/security/cve/CVE-2024-50139/", }, { category: "self", summary: "SUSE CVE CVE-2024-50140 page", url: "https://www.suse.com/security/cve/CVE-2024-50140/", }, { category: "self", summary: "SUSE CVE CVE-2024-50141 page", url: "https://www.suse.com/security/cve/CVE-2024-50141/", }, { category: "self", summary: "SUSE CVE CVE-2024-50142 page", url: "https://www.suse.com/security/cve/CVE-2024-50142/", }, { category: "self", summary: "SUSE CVE CVE-2024-50143 page", url: "https://www.suse.com/security/cve/CVE-2024-50143/", }, { category: "self", summary: "SUSE CVE CVE-2024-50144 page", url: "https://www.suse.com/security/cve/CVE-2024-50144/", }, { category: "self", summary: "SUSE CVE CVE-2024-50145 page", url: "https://www.suse.com/security/cve/CVE-2024-50145/", }, { category: "self", summary: "SUSE CVE CVE-2024-50146 page", url: "https://www.suse.com/security/cve/CVE-2024-50146/", }, { category: "self", summary: "SUSE CVE CVE-2024-50147 page", url: "https://www.suse.com/security/cve/CVE-2024-50147/", }, { category: "self", summary: "SUSE CVE CVE-2024-50148 page", url: "https://www.suse.com/security/cve/CVE-2024-50148/", }, { category: "self", summary: "SUSE CVE CVE-2024-50149 page", url: "https://www.suse.com/security/cve/CVE-2024-50149/", }, { category: "self", summary: "SUSE CVE CVE-2024-50150 page", url: "https://www.suse.com/security/cve/CVE-2024-50150/", }, { category: "self", summary: "SUSE CVE CVE-2024-50151 page", url: "https://www.suse.com/security/cve/CVE-2024-50151/", }, { category: "self", summary: "SUSE CVE CVE-2024-50152 page", url: "https://www.suse.com/security/cve/CVE-2024-50152/", }, { category: "self", summary: "SUSE CVE CVE-2024-50153 page", url: "https://www.suse.com/security/cve/CVE-2024-50153/", }, { category: "self", summary: "SUSE CVE CVE-2024-50154 page", url: "https://www.suse.com/security/cve/CVE-2024-50154/", }, { category: "self", summary: "SUSE CVE CVE-2024-50155 page", url: "https://www.suse.com/security/cve/CVE-2024-50155/", }, { category: "self", summary: "SUSE CVE CVE-2024-50156 page", url: "https://www.suse.com/security/cve/CVE-2024-50156/", }, { category: "self", summary: "SUSE CVE CVE-2024-50157 page", url: "https://www.suse.com/security/cve/CVE-2024-50157/", }, { category: "self", summary: "SUSE CVE CVE-2024-50158 page", url: "https://www.suse.com/security/cve/CVE-2024-50158/", }, { category: "self", summary: "SUSE CVE CVE-2024-50159 page", url: "https://www.suse.com/security/cve/CVE-2024-50159/", }, { category: "self", summary: "SUSE CVE CVE-2024-50160 page", url: "https://www.suse.com/security/cve/CVE-2024-50160/", }, { category: "self", summary: "SUSE CVE CVE-2024-50161 page", url: "https://www.suse.com/security/cve/CVE-2024-50161/", }, { category: "self", summary: "SUSE CVE CVE-2024-50162 page", url: "https://www.suse.com/security/cve/CVE-2024-50162/", }, { category: "self", summary: "SUSE CVE CVE-2024-50163 page", url: "https://www.suse.com/security/cve/CVE-2024-50163/", }, { category: "self", summary: "SUSE CVE CVE-2024-50164 page", url: "https://www.suse.com/security/cve/CVE-2024-50164/", }, { category: "self", summary: "SUSE CVE CVE-2024-50165 page", url: "https://www.suse.com/security/cve/CVE-2024-50165/", }, { category: "self", summary: "SUSE CVE CVE-2024-50166 page", url: "https://www.suse.com/security/cve/CVE-2024-50166/", }, { category: "self", summary: "SUSE CVE CVE-2024-50167 page", url: "https://www.suse.com/security/cve/CVE-2024-50167/", }, { category: "self", summary: "SUSE CVE CVE-2024-50168 page", url: "https://www.suse.com/security/cve/CVE-2024-50168/", }, { category: "self", summary: "SUSE CVE CVE-2024-50170 page", url: "https://www.suse.com/security/cve/CVE-2024-50170/", }, { category: "self", summary: "SUSE CVE CVE-2024-50171 page", url: "https://www.suse.com/security/cve/CVE-2024-50171/", }, { category: "self", summary: "SUSE CVE CVE-2024-50172 page", url: "https://www.suse.com/security/cve/CVE-2024-50172/", }, { category: "self", summary: "SUSE CVE CVE-2024-50173 page", url: "https://www.suse.com/security/cve/CVE-2024-50173/", }, { category: "self", summary: "SUSE CVE CVE-2024-50174 page", url: "https://www.suse.com/security/cve/CVE-2024-50174/", }, { category: "self", summary: "SUSE CVE CVE-2024-50175 page", url: "https://www.suse.com/security/cve/CVE-2024-50175/", }, { category: "self", summary: "SUSE CVE CVE-2024-50176 page", url: "https://www.suse.com/security/cve/CVE-2024-50176/", }, { category: "self", summary: "SUSE CVE CVE-2024-50177 page", url: "https://www.suse.com/security/cve/CVE-2024-50177/", }, { category: "self", summary: "SUSE CVE CVE-2024-50178 page", url: "https://www.suse.com/security/cve/CVE-2024-50178/", }, { category: "self", summary: "SUSE CVE CVE-2024-50179 page", url: "https://www.suse.com/security/cve/CVE-2024-50179/", }, { category: "self", summary: "SUSE CVE CVE-2024-50180 page", url: "https://www.suse.com/security/cve/CVE-2024-50180/", }, { category: "self", summary: "SUSE CVE CVE-2024-50181 page", url: "https://www.suse.com/security/cve/CVE-2024-50181/", }, { category: "self", summary: "SUSE CVE CVE-2024-50182 page", url: "https://www.suse.com/security/cve/CVE-2024-50182/", }, { category: "self", summary: "SUSE CVE CVE-2024-50183 page", url: "https://www.suse.com/security/cve/CVE-2024-50183/", }, { category: "self", summary: "SUSE CVE CVE-2024-50184 page", url: "https://www.suse.com/security/cve/CVE-2024-50184/", }, { category: "self", summary: "SUSE CVE CVE-2024-50185 page", url: "https://www.suse.com/security/cve/CVE-2024-50185/", }, { category: "self", summary: "SUSE CVE CVE-2024-50186 page", url: "https://www.suse.com/security/cve/CVE-2024-50186/", }, { category: "self", summary: "SUSE CVE CVE-2024-50187 page", url: "https://www.suse.com/security/cve/CVE-2024-50187/", }, { category: "self", summary: "SUSE CVE CVE-2024-50188 page", url: "https://www.suse.com/security/cve/CVE-2024-50188/", }, { category: "self", summary: "SUSE CVE CVE-2024-50189 page", url: "https://www.suse.com/security/cve/CVE-2024-50189/", }, { category: "self", summary: "SUSE CVE CVE-2024-50190 page", url: "https://www.suse.com/security/cve/CVE-2024-50190/", }, { category: "self", summary: "SUSE CVE CVE-2024-50191 page", url: "https://www.suse.com/security/cve/CVE-2024-50191/", }, { category: "self", summary: "SUSE CVE CVE-2024-50192 page", url: "https://www.suse.com/security/cve/CVE-2024-50192/", }, { category: "self", summary: "SUSE CVE CVE-2024-50193 page", url: "https://www.suse.com/security/cve/CVE-2024-50193/", }, { category: "self", summary: "SUSE CVE CVE-2024-50194 page", url: "https://www.suse.com/security/cve/CVE-2024-50194/", }, { category: "self", summary: "SUSE CVE CVE-2024-50195 page", url: "https://www.suse.com/security/cve/CVE-2024-50195/", }, { category: "self", summary: "SUSE CVE CVE-2024-50196 page", url: "https://www.suse.com/security/cve/CVE-2024-50196/", }, { category: "self", summary: "SUSE CVE CVE-2024-50197 page", url: "https://www.suse.com/security/cve/CVE-2024-50197/", }, { category: "self", summary: "SUSE CVE CVE-2024-50198 page", url: "https://www.suse.com/security/cve/CVE-2024-50198/", }, { category: "self", summary: "SUSE CVE CVE-2024-50199 page", url: "https://www.suse.com/security/cve/CVE-2024-50199/", }, { category: "self", summary: "SUSE CVE CVE-2024-50200 page", url: "https://www.suse.com/security/cve/CVE-2024-50200/", }, { category: "self", summary: "SUSE CVE CVE-2024-50201 page", url: "https://www.suse.com/security/cve/CVE-2024-50201/", }, { category: "self", summary: "SUSE CVE CVE-2024-50205 page", url: "https://www.suse.com/security/cve/CVE-2024-50205/", }, { category: "self", summary: "SUSE CVE CVE-2024-50206 page", url: "https://www.suse.com/security/cve/CVE-2024-50206/", }, { category: "self", summary: "SUSE CVE CVE-2024-50207 page", url: "https://www.suse.com/security/cve/CVE-2024-50207/", }, { category: "self", summary: "SUSE CVE CVE-2024-50208 page", url: "https://www.suse.com/security/cve/CVE-2024-50208/", }, { category: "self", summary: "SUSE CVE CVE-2024-50209 page", url: "https://www.suse.com/security/cve/CVE-2024-50209/", }, { category: "self", summary: "SUSE CVE CVE-2024-50210 page", url: "https://www.suse.com/security/cve/CVE-2024-50210/", }, { category: "self", summary: "SUSE CVE CVE-2024-50211 page", url: "https://www.suse.com/security/cve/CVE-2024-50211/", }, { category: "self", summary: "SUSE CVE CVE-2024-50212 page", url: "https://www.suse.com/security/cve/CVE-2024-50212/", }, { category: "self", summary: "SUSE CVE CVE-2024-50213 page", url: "https://www.suse.com/security/cve/CVE-2024-50213/", }, { category: "self", summary: "SUSE CVE CVE-2024-50214 page", url: "https://www.suse.com/security/cve/CVE-2024-50214/", }, { category: "self", summary: "SUSE CVE CVE-2024-50215 page", url: "https://www.suse.com/security/cve/CVE-2024-50215/", }, { category: "self", summary: "SUSE CVE CVE-2024-50216 page", url: "https://www.suse.com/security/cve/CVE-2024-50216/", }, { category: "self", summary: "SUSE CVE CVE-2024-50217 page", url: "https://www.suse.com/security/cve/CVE-2024-50217/", }, { category: "self", summary: "SUSE CVE CVE-2024-50218 page", url: "https://www.suse.com/security/cve/CVE-2024-50218/", }, { category: "self", summary: "SUSE CVE CVE-2024-50220 page", url: "https://www.suse.com/security/cve/CVE-2024-50220/", }, { category: "self", summary: "SUSE CVE CVE-2024-50221 page", url: "https://www.suse.com/security/cve/CVE-2024-50221/", }, { category: "self", summary: "SUSE CVE CVE-2024-50222 page", url: "https://www.suse.com/security/cve/CVE-2024-50222/", }, { category: "self", summary: "SUSE CVE CVE-2024-50223 page", url: "https://www.suse.com/security/cve/CVE-2024-50223/", }, { category: "self", summary: "SUSE CVE CVE-2024-50224 page", url: "https://www.suse.com/security/cve/CVE-2024-50224/", }, { category: "self", summary: "SUSE CVE CVE-2024-50225 page", url: "https://www.suse.com/security/cve/CVE-2024-50225/", }, { category: "self", summary: "SUSE CVE CVE-2024-50226 page", url: "https://www.suse.com/security/cve/CVE-2024-50226/", }, { category: "self", summary: "SUSE CVE CVE-2024-50227 page", url: "https://www.suse.com/security/cve/CVE-2024-50227/", }, { category: "self", summary: "SUSE CVE CVE-2024-50228 page", url: "https://www.suse.com/security/cve/CVE-2024-50228/", }, { category: "self", summary: "SUSE CVE CVE-2024-50229 page", url: "https://www.suse.com/security/cve/CVE-2024-50229/", }, { category: "self", summary: "SUSE CVE CVE-2024-50230 page", url: "https://www.suse.com/security/cve/CVE-2024-50230/", }, { category: "self", summary: "SUSE CVE CVE-2024-50231 page", url: "https://www.suse.com/security/cve/CVE-2024-50231/", }, { category: "self", summary: "SUSE CVE CVE-2024-50232 page", url: "https://www.suse.com/security/cve/CVE-2024-50232/", }, { category: "self", summary: "SUSE CVE CVE-2024-50233 page", url: "https://www.suse.com/security/cve/CVE-2024-50233/", }, { category: "self", summary: "SUSE CVE CVE-2024-50234 page", url: "https://www.suse.com/security/cve/CVE-2024-50234/", }, { category: "self", summary: "SUSE CVE CVE-2024-50235 page", url: "https://www.suse.com/security/cve/CVE-2024-50235/", }, { category: "self", summary: "SUSE CVE CVE-2024-50236 page", url: "https://www.suse.com/security/cve/CVE-2024-50236/", }, { category: "self", summary: "SUSE CVE CVE-2024-50237 page", url: "https://www.suse.com/security/cve/CVE-2024-50237/", }, { category: "self", summary: "SUSE CVE CVE-2024-50238 page", url: "https://www.suse.com/security/cve/CVE-2024-50238/", }, { category: "self", summary: "SUSE CVE CVE-2024-50239 page", url: "https://www.suse.com/security/cve/CVE-2024-50239/", }, { category: "self", summary: "SUSE CVE CVE-2024-50240 page", url: "https://www.suse.com/security/cve/CVE-2024-50240/", }, { category: "self", summary: "SUSE CVE CVE-2024-50241 page", url: "https://www.suse.com/security/cve/CVE-2024-50241/", }, { category: "self", summary: "SUSE CVE CVE-2024-50242 page", url: "https://www.suse.com/security/cve/CVE-2024-50242/", }, { category: "self", summary: "SUSE CVE CVE-2024-50243 page", url: "https://www.suse.com/security/cve/CVE-2024-50243/", }, { category: "self", summary: "SUSE CVE CVE-2024-50244 page", url: "https://www.suse.com/security/cve/CVE-2024-50244/", }, { category: "self", summary: "SUSE CVE CVE-2024-50245 page", url: "https://www.suse.com/security/cve/CVE-2024-50245/", }, { category: "self", summary: "SUSE CVE CVE-2024-50246 page", url: "https://www.suse.com/security/cve/CVE-2024-50246/", }, { category: "self", summary: "SUSE CVE CVE-2024-50247 page", url: "https://www.suse.com/security/cve/CVE-2024-50247/", }, { category: "self", summary: "SUSE CVE CVE-2024-50248 page", url: "https://www.suse.com/security/cve/CVE-2024-50248/", }, { category: "self", summary: "SUSE CVE CVE-2024-50249 page", url: "https://www.suse.com/security/cve/CVE-2024-50249/", }, { category: "self", summary: "SUSE CVE CVE-2024-50250 page", url: "https://www.suse.com/security/cve/CVE-2024-50250/", }, { category: "self", summary: "SUSE CVE CVE-2024-50251 page", url: "https://www.suse.com/security/cve/CVE-2024-50251/", }, { category: "self", summary: "SUSE CVE CVE-2024-50252 page", url: "https://www.suse.com/security/cve/CVE-2024-50252/", }, { category: "self", summary: "SUSE CVE CVE-2024-50253 page", url: "https://www.suse.com/security/cve/CVE-2024-50253/", }, { category: "self", summary: "SUSE CVE CVE-2024-50254 page", url: "https://www.suse.com/security/cve/CVE-2024-50254/", }, { category: "self", summary: "SUSE CVE CVE-2024-50255 page", url: "https://www.suse.com/security/cve/CVE-2024-50255/", }, { category: "self", summary: "SUSE CVE CVE-2024-50256 page", url: "https://www.suse.com/security/cve/CVE-2024-50256/", }, { category: "self", summary: "SUSE CVE CVE-2024-50257 page", url: "https://www.suse.com/security/cve/CVE-2024-50257/", }, { category: "self", summary: "SUSE CVE CVE-2024-50258 page", url: "https://www.suse.com/security/cve/CVE-2024-50258/", }, { category: "self", summary: "SUSE CVE CVE-2024-50259 page", url: "https://www.suse.com/security/cve/CVE-2024-50259/", }, { category: "self", summary: "SUSE CVE CVE-2024-50260 page", url: "https://www.suse.com/security/cve/CVE-2024-50260/", }, { category: "self", summary: "SUSE CVE CVE-2024-50261 page", url: "https://www.suse.com/security/cve/CVE-2024-50261/", }, { category: "self", summary: "SUSE CVE CVE-2024-50262 page", url: "https://www.suse.com/security/cve/CVE-2024-50262/", }, { category: "self", summary: "SUSE CVE CVE-2024-50263 page", url: "https://www.suse.com/security/cve/CVE-2024-50263/", }, ], title: "kernel-devel-6.11.8-1.1 on GA media", tracking: { current_release_date: "2024-11-15T00:00:00Z", generator: { date: "2024-11-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:14500-1", initial_release_date: "2024-11-15T00:00:00Z", revision_history: [ { date: "2024-11-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-6.11.8-1.1.aarch64", product: { name: "kernel-devel-6.11.8-1.1.aarch64", product_id: "kernel-devel-6.11.8-1.1.aarch64", }, }, { category: "product_version", name: "kernel-macros-6.11.8-1.1.aarch64", product: { name: "kernel-macros-6.11.8-1.1.aarch64", product_id: "kernel-macros-6.11.8-1.1.aarch64", }, }, { category: "product_version", name: "kernel-source-6.11.8-1.1.aarch64", product: { name: "kernel-source-6.11.8-1.1.aarch64", product_id: "kernel-source-6.11.8-1.1.aarch64", }, }, { category: "product_version", name: "kernel-source-vanilla-6.11.8-1.1.aarch64", product: { name: "kernel-source-vanilla-6.11.8-1.1.aarch64", product_id: "kernel-source-vanilla-6.11.8-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-6.11.8-1.1.ppc64le", product: { name: "kernel-devel-6.11.8-1.1.ppc64le", product_id: "kernel-devel-6.11.8-1.1.ppc64le", }, }, { category: "product_version", name: "kernel-macros-6.11.8-1.1.ppc64le", product: { name: "kernel-macros-6.11.8-1.1.ppc64le", product_id: "kernel-macros-6.11.8-1.1.ppc64le", }, }, { category: "product_version", name: "kernel-source-6.11.8-1.1.ppc64le", product: { name: "kernel-source-6.11.8-1.1.ppc64le", product_id: "kernel-source-6.11.8-1.1.ppc64le", }, }, { category: "product_version", name: "kernel-source-vanilla-6.11.8-1.1.ppc64le", product: { name: "kernel-source-vanilla-6.11.8-1.1.ppc64le", product_id: "kernel-source-vanilla-6.11.8-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-devel-6.11.8-1.1.s390x", product: { name: "kernel-devel-6.11.8-1.1.s390x", product_id: "kernel-devel-6.11.8-1.1.s390x", }, }, { category: "product_version", name: "kernel-macros-6.11.8-1.1.s390x", product: { name: "kernel-macros-6.11.8-1.1.s390x", product_id: "kernel-macros-6.11.8-1.1.s390x", }, }, { category: "product_version", name: "kernel-source-6.11.8-1.1.s390x", product: { name: "kernel-source-6.11.8-1.1.s390x", product_id: "kernel-source-6.11.8-1.1.s390x", }, }, { category: "product_version", name: "kernel-source-vanilla-6.11.8-1.1.s390x", product: { name: "kernel-source-vanilla-6.11.8-1.1.s390x", product_id: "kernel-source-vanilla-6.11.8-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-devel-6.11.8-1.1.x86_64", product: { name: "kernel-devel-6.11.8-1.1.x86_64", product_id: "kernel-devel-6.11.8-1.1.x86_64", }, }, { category: "product_version", name: "kernel-macros-6.11.8-1.1.x86_64", product: { name: "kernel-macros-6.11.8-1.1.x86_64", product_id: "kernel-macros-6.11.8-1.1.x86_64", }, }, { category: "product_version", name: "kernel-source-6.11.8-1.1.x86_64", product: { name: "kernel-source-6.11.8-1.1.x86_64", product_id: "kernel-source-6.11.8-1.1.x86_64", }, }, { category: "product_version", name: "kernel-source-vanilla-6.11.8-1.1.x86_64", product: { name: "kernel-source-vanilla-6.11.8-1.1.x86_64", product_id: "kernel-source-vanilla-6.11.8-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-devel-6.11.8-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", }, product_reference: "kernel-devel-6.11.8-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-6.11.8-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", }, product_reference: "kernel-devel-6.11.8-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-6.11.8-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", }, product_reference: "kernel-devel-6.11.8-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-6.11.8-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", }, product_reference: "kernel-devel-6.11.8-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-6.11.8-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", }, product_reference: "kernel-macros-6.11.8-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-6.11.8-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", }, product_reference: "kernel-macros-6.11.8-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-6.11.8-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", }, product_reference: "kernel-macros-6.11.8-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-6.11.8-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", }, product_reference: "kernel-macros-6.11.8-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-6.11.8-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", }, product_reference: "kernel-source-6.11.8-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-6.11.8-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", }, product_reference: "kernel-source-6.11.8-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-6.11.8-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", }, product_reference: "kernel-source-6.11.8-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-6.11.8-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", }, product_reference: "kernel-source-6.11.8-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-6.11.8-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", }, product_reference: "kernel-source-vanilla-6.11.8-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-6.11.8-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", }, product_reference: "kernel-source-vanilla-6.11.8-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-6.11.8-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", }, product_reference: "kernel-source-vanilla-6.11.8-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-6.11.8-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", }, product_reference: "kernel-source-vanilla-6.11.8-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2023-52917", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52917", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52917", url: "https://www.suse.com/security/cve/CVE-2023-52917", }, { category: "external", summary: "SUSE Bug 1231849 for CVE-2023-52917", url: "https://bugzilla.suse.com/1231849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-52917", }, { cve: "CVE-2024-46869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-46869", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel_pcie: Allocate memory for driver private data\n\nFix driver not allocating memory for struct btintel_data which is used\nto store internal data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-46869", url: "https://www.suse.com/security/cve/CVE-2024-46869", }, { category: "external", summary: "SUSE Bug 1231173 for CVE-2024-46869", url: "https://bugzilla.suse.com/1231173", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-46869", }, { cve: "CVE-2024-47671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47671", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usbtmc: prevent kernel-usb-infoleak\n\nThe syzbot reported a kernel-usb-infoleak in usbtmc_write,\nwe need to clear the structure before filling fields.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47671", url: "https://www.suse.com/security/cve/CVE-2024-47671", }, { category: "external", summary: "SUSE Bug 1231541 for CVE-2024-47671", url: "https://bugzilla.suse.com/1231541", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-47671", }, { cve: "CVE-2024-47675", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47675", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix use-after-free in bpf_uprobe_multi_link_attach()\n\nIf bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the\nerror_free label and frees the array of bpf_uprobe's without calling\nbpf_uprobe_unregister().\n\nThis leaks bpf_uprobe->uprobe and worse, this frees bpf_uprobe->consumer\nwithout removing it from the uprobe->consumers list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47675", url: "https://www.suse.com/security/cve/CVE-2024-47675", }, { category: "external", summary: "SUSE Bug 1231926 for CVE-2024-47675", url: "https://bugzilla.suse.com/1231926", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47675", }, { cve: "CVE-2024-47676", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47676", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb.c: fix UAF of vma in hugetlb fault pathway\n\nSyzbot reports a UAF in hugetlb_fault(). This happens because\nvmf_anon_prepare() could drop the per-VMA lock and allow the current VMA\nto be freed before hugetlb_vma_unlock_read() is called.\n\nWe can fix this by using a modified version of vmf_anon_prepare() that\ndoesn't release the VMA lock on failure, and then release it ourselves\nafter hugetlb_vma_unlock_read().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47676", url: "https://www.suse.com/security/cve/CVE-2024-47676", }, { category: "external", summary: "SUSE Bug 1231927 for CVE-2024-47676", url: "https://bugzilla.suse.com/1231927", }, { category: "external", summary: "SUSE Bug 1232898 for CVE-2024-47676", url: "https://bugzilla.suse.com/1232898", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47676", }, { cve: "CVE-2024-47677", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47677", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: resolve memory leak from exfat_create_upcase_table()\n\nIf exfat_load_upcase_table reaches end and returns -EINVAL,\nallocated memory doesn't get freed and while\nexfat_load_default_upcase_table allocates more memory, leading to a\nmemory leak.\n\nHere's link to syzkaller crash report illustrating this issue:\nhttps://syzkaller.appspot.com/text?tag=CrashReport&x=1406c201980000", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47677", url: "https://www.suse.com/security/cve/CVE-2024-47677", }, { category: "external", summary: "SUSE Bug 1231853 for CVE-2024-47677", url: "https://bugzilla.suse.com/1231853", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47677", }, { cve: "CVE-2024-47678", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47678", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: change the order of rate limits\n\nICMP messages are ratelimited :\n\nAfter the blamed commits, the two rate limiters are applied in this order:\n\n1) host wide ratelimit (icmp_global_allow())\n\n2) Per destination ratelimit (inetpeer based)\n\nIn order to avoid side-channels attacks, we need to apply\nthe per destination check first.\n\nThis patch makes the following change :\n\n1) icmp_global_allow() checks if the host wide limit is reached.\n But credits are not yet consumed. This is deferred to 3)\n\n2) The per destination limit is checked/updated.\n This might add a new node in inetpeer tree.\n\n3) icmp_global_consume() consumes tokens if prior operations succeeded.\n\nThis means that host wide ratelimit is still effective\nin keeping inetpeer tree small even under DDOS.\n\nAs a bonus, I removed icmp_global.lock as the fast path\ncan use a lock-free operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47678", url: "https://www.suse.com/security/cve/CVE-2024-47678", }, { category: "external", summary: "SUSE Bug 1231854 for CVE-2024-47678", url: "https://bugzilla.suse.com/1231854", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47678", }, { cve: "CVE-2024-47679", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47679", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: fix race between evice_inodes() and find_inode()&iput()\n\nHi, all\n\nRecently I noticed a bug[1] in btrfs, after digged it into\nand I believe it'a race in vfs.\n\nLet's assume there's a inode (ie ino 261) with i_count 1 is\ncalled by iput(), and there's a concurrent thread calling\ngeneric_shutdown_super().\n\ncpu0: cpu1:\niput() // i_count is 1\n ->spin_lock(inode)\n ->dec i_count to 0\n ->iput_final() generic_shutdown_super()\n ->__inode_add_lru() ->evict_inodes()\n // cause some reason[2] ->if (atomic_read(inode->i_count)) continue;\n // return before // inode 261 passed the above check\n // list_lru_add_obj() // and then schedule out\n ->spin_unlock()\n// note here: the inode 261\n// was still at sb list and hash list,\n// and I_FREEING|I_WILL_FREE was not been set\n\nbtrfs_iget()\n // after some function calls\n ->find_inode()\n // found the above inode 261\n ->spin_lock(inode)\n // check I_FREEING|I_WILL_FREE\n // and passed\n ->__iget()\n ->spin_unlock(inode) // schedule back\n ->spin_lock(inode)\n // check (I_NEW|I_FREEING|I_WILL_FREE) flags,\n // passed and set I_FREEING\niput() ->spin_unlock(inode)\n ->spin_lock(inode)\t\t\t ->evict()\n // dec i_count to 0\n ->iput_final()\n ->spin_unlock()\n ->evict()\n\nNow, we have two threads simultaneously evicting\nthe same inode, which may trigger the BUG(inode->i_state & I_CLEAR)\nstatement both within clear_inode() and iput().\n\nTo fix the bug, recheck the inode->i_count after holding i_lock.\nBecause in the most scenarios, the first check is valid, and\nthe overhead of spin_lock() can be reduced.\n\nIf there is any misunderstanding, please let me know, thanks.\n\n[1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/\n[2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable()\nreturn false when I reproduced the bug.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47679", url: "https://www.suse.com/security/cve/CVE-2024-47679", }, { category: "external", summary: "SUSE Bug 1231930 for CVE-2024-47679", url: "https://bugzilla.suse.com/1231930", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47679", }, { cve: "CVE-2024-47680", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47680", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: check discard support for conventional zones\n\nAs the helper function f2fs_bdev_support_discard() shows, f2fs checks if\nthe target block devices support discard by calling\nbdev_max_discard_sectors() and bdev_is_zoned(). This check works well\nfor most cases, but it does not work for conventional zones on zoned\nblock devices. F2fs assumes that zoned block devices support discard,\nand calls __submit_discard_cmd(). When __submit_discard_cmd() is called\nfor sequential write required zones, it works fine since\n__submit_discard_cmd() issues zone reset commands instead of discard\ncommands. However, when __submit_discard_cmd() is called for\nconventional zones, __blkdev_issue_discard() is called even when the\ndevices do not support discard.\n\nThe inappropriate __blkdev_issue_discard() call was not a problem before\nthe commit 30f1e7241422 (\"block: move discard checks into the ioctl\nhandler\") because __blkdev_issue_discard() checked if the target devices\nsupport discard or not. If not, it returned EOPNOTSUPP. After the\ncommit, __blkdev_issue_discard() no longer checks it. It always returns\nzero and sets NULL to the given bio pointer. This NULL pointer triggers\nf2fs_bug_on() in __submit_discard_cmd(). The BUG is recreated with the\ncommands below at the umount step, where /dev/nullb0 is a zoned null_blk\nwith 5GB total size, 128MB zone size and 10 conventional zones.\n\n$ mkfs.f2fs -f -m /dev/nullb0\n$ mount /dev/nullb0 /mnt\n$ for ((i=0;i<5;i++)); do dd if=/dev/zero of=/mnt/test bs=65536 count=1600 conv=fsync; done\n$ umount /mnt\n\nTo fix the BUG, avoid the inappropriate __blkdev_issue_discard() call.\nWhen discard is requested for conventional zones, check if the device\nsupports discard or not. If not, return EOPNOTSUPP.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47680", url: "https://www.suse.com/security/cve/CVE-2024-47680", }, { category: "external", summary: "SUSE Bug 1231970 for CVE-2024-47680", url: "https://bugzilla.suse.com/1231970", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47680", }, { cve: "CVE-2024-47681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47681", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he\n\nFix the NULL pointer dereference in mt7996_mcu_sta_bfer_he\nroutine adding an sta interface to the mt7996 driver.\n\nFound by code review.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47681", url: "https://www.suse.com/security/cve/CVE-2024-47681", }, { category: "external", summary: "SUSE Bug 1231855 for CVE-2024-47681", url: "https://bugzilla.suse.com/1231855", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47681", }, { cve: "CVE-2024-47682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47682", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sd: Fix off-by-one error in sd_read_block_characteristics()\n\nFf the device returns page 0xb1 with length 8 (happens with qemu v2.x, for\nexample), sd_read_block_characteristics() may attempt an out-of-bounds\nmemory access when accessing the zoned field at offset 8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47682", url: "https://www.suse.com/security/cve/CVE-2024-47682", }, { category: "external", summary: "SUSE Bug 1231856 for CVE-2024-47682", url: "https://bugzilla.suse.com/1231856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47682", }, { cve: "CVE-2024-47683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47683", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Skip Recompute DSC Params if no Stream on Link\n\n[why]\nEncounter NULL pointer dereference uner mst + dsc setup.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2\n Hardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022\n RIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\n Code: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8>\n RSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\n RDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\n RBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\n R10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\n R13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\n FS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0\n Call Trace:\n<TASK>\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? plist_add+0xbe/0x100\n ? exc_page_fault+0x7c/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n drm_atomic_check_only+0x5c5/0xa40\n drm_mode_atomic_ioctl+0x76e/0xbc0\n\n[how]\ndsc recompute should be skipped if no mode change detected on the new\nrequest. If detected, keep checking whether the stream is already on\ncurrent state or not.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47683", url: "https://www.suse.com/security/cve/CVE-2024-47683", }, { category: "external", summary: "SUSE Bug 1231975 for CVE-2024-47683", url: "https://bugzilla.suse.com/1231975", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47683", }, { cve: "CVE-2024-47684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47684", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 <48> 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47684", url: "https://www.suse.com/security/cve/CVE-2024-47684", }, { category: "external", summary: "SUSE Bug 1231987 for CVE-2024-47684", url: "https://bugzilla.suse.com/1231987", }, { category: "external", summary: "SUSE Bug 1231993 for CVE-2024-47684", url: "https://bugzilla.suse.com/1231993", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47684", }, { cve: "CVE-2024-47685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47685", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()\n\nsyzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending\ngarbage on the four reserved tcp bits (th->res1)\n\nUse skb_put_zero() to clear the whole TCP header,\nas done in nf_reject_ip_tcphdr_put()\n\nBUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\n nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775\n process_backlog+0x4ad/0xa50 net/core/dev.c:6108\n __napi_poll+0xe7/0x980 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963\n handle_softirqs+0x1ce/0x800 kernel/softirq.c:554\n __do_softirq+0x14/0x1a kernel/softirq.c:588\n do_softirq+0x9a/0x100 kernel/softirq.c:455\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:908 [inline]\n __dev_queue_xmit+0x2692/0x5610 net/core/dev.c:4450\n dev_queue_xmit include/linux/netdevice.h:3105 [inline]\n neigh_resolve_output+0x9ca/0xae0 net/core/neighbour.c:1565\n neigh_output include/net/neighbour.h:542 [inline]\n ip6_finish_output2+0x2347/0x2ba0 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0xbb8/0x14b0 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x356/0x620 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_xmit+0x1ba6/0x25d0 net/ipv6/ip6_output.c:366\n inet6_csk_xmit+0x442/0x530 net/ipv6/inet6_connection_sock.c:135\n __tcp_transmit_skb+0x3b07/0x4880 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_connect+0x35b6/0x7130 net/ipv4/tcp_output.c:4143\n tcp_v6_connect+0x1bcc/0x1e40 net/ipv6/tcp_ipv6.c:333\n __inet_stream_connect+0x2ef/0x1730 net/ipv4/af_inet.c:679\n inet_stream_connect+0x6a/0xd0 net/ipv4/af_inet.c:750\n __sys_connect_file net/socket.c:2061 [inline]\n __sys_connect+0x606/0x690 net/socket.c:2078\n __do_sys_connect net/socket.c:2088 [inline]\n __se_sys_connect net/socket.c:2085 [inline]\n __x64_sys_connect+0x91/0xe0 net/socket.c:2085\n x64_sys_call+0x27a5/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:43\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was stored to memory at:\n nf_reject_ip6_tcphdr_put+0x60c/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:249\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47685", url: "https://www.suse.com/security/cve/CVE-2024-47685", }, { category: "external", summary: "SUSE Bug 1231998 for CVE-2024-47685", url: "https://bugzilla.suse.com/1231998", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47685", }, { cve: "CVE-2024-47686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47686", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nep93xx: clock: Fix off by one in ep93xx_div_recalc_rate()\n\nThe psc->div[] array has psc->num_div elements. These values come from\nwhen we call clk_hw_register_div(). It's adc_divisors and\nARRAY_SIZE(adc_divisors)) and so on. So this condition needs to be >=\ninstead of > to prevent an out of bounds read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47686", url: "https://www.suse.com/security/cve/CVE-2024-47686", }, { category: "external", summary: "SUSE Bug 1232000 for CVE-2024-47686", url: "https://bugzilla.suse.com/1232000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-47686", }, { cve: "CVE-2024-47687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47687", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa/mlx5: Fix invalid mr resource destroy\n\nCertain error paths from mlx5_vdpa_dev_add() can end up releasing mr\nresources which never got initialized in the first place.\n\nThis patch adds the missing check in mlx5_vdpa_destroy_mr_resources()\nto block releasing non-initialized mr resources.\n\nReference trace:\n\n mlx5_core 0000:08:00.2: mlx5_vdpa_dev_add:3274:(pid 2700) warning: No mac address provisioned?\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 140216067 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 8 PID: 2700 Comm: vdpa Kdump: loaded Not tainted 5.14.0-496.el9.x86_64 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb]\n Code: [...]\n RSP: 0018:ff1c823ac23077f0 EFLAGS: 00010246\n RAX: ffffffffc1a21a60 RBX: ffffffff899567a0 RCX: 0000000000000000\n RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ff1bda1f7c21e800 R08: 0000000000000000 R09: ff1c823ac2307670\n R10: ff1c823ac2307668 R11: ffffffff8a9e7b68 R12: 0000000000000000\n R13: 0000000000000000 R14: ff1bda1f43e341a0 R15: 00000000ffffffea\n FS: 00007f56eba7c740(0000) GS:ff1bda269f800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000104d90001 CR4: 0000000000771ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa]\n ? __die_body.cold+0x8/0xd\n ? page_fault_oops+0x134/0x170\n ? __irq_work_queue_local+0x2b/0xc0\n ? irq_work_queue+0x2c/0x50\n ? exc_page_fault+0x62/0x150\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_mlx5_vdpa_free+0x10/0x10 [mlx5_vdpa]\n ? vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb]\n mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa]\n vdpa_release_dev+0x1e/0x50 [vdpa]\n device_release+0x31/0x90\n kobject_cleanup+0x37/0x130\n mlx5_vdpa_dev_add+0x2d2/0x7a0 [mlx5_vdpa]\n vdpa_nl_cmd_dev_add_set_doit+0x277/0x4c0 [vdpa]\n genl_family_rcv_msg_doit+0xd9/0x130\n genl_family_rcv_msg+0x14d/0x220\n ? __pfx_vdpa_nl_cmd_dev_add_set_doit+0x10/0x10 [vdpa]\n ? _copy_to_user+0x1a/0x30\n ? move_addr_to_user+0x4b/0xe0\n genl_rcv_msg+0x47/0xa0\n ? __import_iovec+0x46/0x150\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x245/0x370\n netlink_sendmsg+0x206/0x440\n __sys_sendto+0x1dc/0x1f0\n ? do_read_fault+0x10c/0x1d0\n ? do_pte_missing+0x10d/0x190\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x5c/0xf0\n ? __count_memcg_events+0x4f/0xb0\n ? mm_account_fault+0x6c/0x100\n ? handle_mm_fault+0x116/0x270\n ? do_user_addr_fault+0x1d6/0x6a0\n ? do_syscall_64+0x6b/0xf0\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0x80", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47687", url: "https://www.suse.com/security/cve/CVE-2024-47687", }, { category: "external", summary: "SUSE Bug 1232003 for CVE-2024-47687", url: "https://bugzilla.suse.com/1232003", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47687", }, { cve: "CVE-2024-47688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47688", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: Fix a potential null-ptr-deref in module_add_driver()\n\nInject fault while probing of-fpga-region, if kasprintf() fails in\nmodule_add_driver(), the second sysfs_remove_link() in exit path will cause\nnull-ptr-deref as below because kernfs_name_hash() will call strlen() with\nNULL driver_name.\n\nFix it by releasing resources based on the exit path sequence.\n\n\t KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n\t Mem abort info:\n\t ESR = 0x0000000096000005\n\t EC = 0x25: DABT (current EL), IL = 32 bits\n\t SET = 0, FnV = 0\n\t EA = 0, S1PTW = 0\n\t FSC = 0x05: level 1 translation fault\n\t Data abort info:\n\t ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n\t CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n\t GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n\t [dfffffc000000000] address between user and kernel address ranges\n\t Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n\t Dumping ftrace buffer:\n\t (ftrace buffer empty)\n\t Modules linked in: of_fpga_region(+) fpga_region fpga_bridge cfg80211 rfkill 8021q garp mrp stp llc ipv6 [last unloaded: of_fpga_region]\n\t CPU: 2 UID: 0 PID: 2036 Comm: modprobe Not tainted 6.11.0-rc2-g6a0e38264012 #295\n\t Hardware name: linux,dummy-virt (DT)\n\t pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\t pc : strlen+0x24/0xb0\n\t lr : kernfs_name_hash+0x1c/0xc4\n\t sp : ffffffc081f97380\n\t x29: ffffffc081f97380 x28: ffffffc081f97b90 x27: ffffff80c821c2a0\n\t x26: ffffffedac0be418 x25: 0000000000000000 x24: ffffff80c09d2000\n\t x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000\n\t x20: 0000000000000000 x19: 0000000000000000 x18: 0000000000001840\n\t x17: 0000000000000000 x16: 0000000000000000 x15: 1ffffff8103f2e42\n\t x14: 00000000f1f1f1f1 x13: 0000000000000004 x12: ffffffb01812d61d\n\t x11: 1ffffff01812d61c x10: ffffffb01812d61c x9 : dfffffc000000000\n\t x8 : 0000004fe7ed29e4 x7 : ffffff80c096b0e7 x6 : 0000000000000001\n\t x5 : ffffff80c096b0e0 x4 : 1ffffffdb990efa2 x3 : 0000000000000000\n\t x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000000\n\t Call trace:\n\t strlen+0x24/0xb0\n\t kernfs_name_hash+0x1c/0xc4\n\t kernfs_find_ns+0x118/0x2e8\n\t kernfs_remove_by_name_ns+0x80/0x100\n\t sysfs_remove_link+0x74/0xa8\n\t module_add_driver+0x278/0x394\n\t bus_add_driver+0x1f0/0x43c\n\t driver_register+0xf4/0x3c0\n\t __platform_driver_register+0x60/0x88\n\t of_fpga_region_init+0x20/0x1000 [of_fpga_region]\n\t do_one_initcall+0x110/0x788\n\t do_init_module+0x1dc/0x5c8\n\t load_module+0x3c38/0x4cac\n\t init_module_from_file+0xd4/0x128\n\t idempotent_init_module+0x2cc/0x528\n\t __arm64_sys_finit_module+0xac/0x100\n\t invoke_syscall+0x6c/0x258\n\t el0_svc_common.constprop.0+0x160/0x22c\n\t do_el0_svc+0x44/0x5c\n\t el0_svc+0x48/0xb8\n\t el0t_64_sync_handler+0x13c/0x158\n\t el0t_64_sync+0x190/0x194\n\t Code: f2fbffe1 a90157f4 12000802 aa0003f5 (38e16861)\n\t ---[ end trace 0000000000000000 ]---\n\t Kernel panic - not syncing: Oops: Fatal exception", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47688", url: "https://www.suse.com/security/cve/CVE-2024-47688", }, { category: "external", summary: "SUSE Bug 1232009 for CVE-2024-47688", url: "https://bugzilla.suse.com/1232009", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47688", }, { cve: "CVE-2024-47689", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47689", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()\n\nsyzbot reports a f2fs bug as below:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177 rcu_sync_dtor+0xcd/0x180 kernel/rcu/sync.c:177\nCPU: 1 UID: 0 PID: 58 Comm: kworker/1:2 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0\nWorkqueue: events destroy_super_work\nRIP: 0010:rcu_sync_dtor+0xcd/0x180 kernel/rcu/sync.c:177\nCall Trace:\n percpu_free_rwsem+0x41/0x80 kernel/locking/percpu-rwsem.c:42\n destroy_super_work+0xec/0x130 fs/super.c:282\n process_one_work kernel/workqueue.c:3231 [inline]\n process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312\n worker_thread+0x86d/0xd40 kernel/workqueue.c:3390\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nAs Christian Brauner pointed out [1]: the root cause is f2fs sets\nSB_RDONLY flag in internal function, rather than setting the flag\ncovered w/ sb->s_umount semaphore via remount procedure, then below\nrace condition causes this bug:\n\n- freeze_super()\n - sb_wait_write(sb, SB_FREEZE_WRITE)\n - sb_wait_write(sb, SB_FREEZE_PAGEFAULT)\n - sb_wait_write(sb, SB_FREEZE_FS)\n\t\t\t\t\t- f2fs_handle_critical_error\n\t\t\t\t\t - sb->s_flags |= SB_RDONLY\n- thaw_super\n - thaw_super_locked\n - sb_rdonly() is true, so it skips\n sb_freeze_unlock(sb, SB_FREEZE_FS)\n - deactivate_locked_super\n\nSince f2fs has almost the same logic as ext4 [2] when handling critical\nerror in filesystem if it mounts w/ errors=remount-ro option:\n- set CP_ERROR_FLAG flag which indicates filesystem is stopped\n- record errors to superblock\n- set SB_RDONLY falg\nOnce we set CP_ERROR_FLAG flag, all writable interfaces can detect the\nflag and stop any further updates on filesystem. So, it is safe to not\nset SB_RDONLY flag, let's remove the logic and keep in line w/ ext4 [3].\n\n[1] https://lore.kernel.org/all/20240729-himbeeren-funknetz-96e62f9c7aee@brauner\n[2] https://lore.kernel.org/all/20240729132721.hxih6ehigadqf7wx@quack3\n[3] https://lore.kernel.org/linux-ext4/20240805201241.27286-1-jack@suse.cz", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47689", url: "https://www.suse.com/security/cve/CVE-2024-47689", }, { category: "external", summary: "SUSE Bug 1232010 for CVE-2024-47689", url: "https://bugzilla.suse.com/1232010", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47689", }, { cve: "CVE-2024-47690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47690", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: get rid of online repaire on corrupted directory\n\nsyzbot reports a f2fs bug as below:\n\nkernel BUG at fs/f2fs/inode.c:896!\nRIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896\nCall Trace:\n evict+0x532/0x950 fs/inode.c:704\n dispose_list fs/inode.c:747 [inline]\n evict_inodes+0x5f9/0x690 fs/inode.c:797\n generic_shutdown_super+0x9d/0x2d0 fs/super.c:627\n kill_block_super+0x44/0x90 fs/super.c:1696\n kill_f2fs_super+0x344/0x690 fs/f2fs/super.c:4898\n deactivate_locked_super+0xc4/0x130 fs/super.c:473\n cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1373\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n ptrace_notify+0x2d2/0x380 kernel/signal.c:2402\n ptrace_report_syscall include/linux/ptrace.h:415 [inline]\n ptrace_report_syscall_exit include/linux/ptrace.h:477 [inline]\n syscall_exit_work+0xc6/0x190 kernel/entry/common.c:173\n syscall_exit_to_user_mode_prepare kernel/entry/common.c:200 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:205 [inline]\n syscall_exit_to_user_mode+0x279/0x370 kernel/entry/common.c:218\n do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896\n\nOnline repaire on corrupted directory in f2fs_lookup() can generate\ndirty data/meta while racing w/ readonly remount, it may leave dirty\ninode after filesystem becomes readonly, however, checkpoint() will\nskips flushing dirty inode in a state of readonly mode, result in\nabove panic.\n\nLet's get rid of online repaire in f2fs_lookup(), and leave the work\nto fsck.f2fs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47690", url: "https://www.suse.com/security/cve/CVE-2024-47690", }, { category: "external", summary: "SUSE Bug 1232011 for CVE-2024-47690", url: "https://bugzilla.suse.com/1232011", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47690", }, { cve: "CVE-2024-47691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47691", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()\n\nsyzbot reports a f2fs bug as below:\n\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_report+0xe8/0x550 mm/kasan/report.c:491\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n instrument_atomic_read_write include/linux/instrumented.h:96 [inline]\n atomic_fetch_add_relaxed include/linux/atomic/atomic-instrumented.h:252 [inline]\n __refcount_add include/linux/refcount.h:184 [inline]\n __refcount_inc include/linux/refcount.h:241 [inline]\n refcount_inc include/linux/refcount.h:258 [inline]\n get_task_struct include/linux/sched/task.h:118 [inline]\n kthread_stop+0xca/0x630 kernel/kthread.c:704\n f2fs_stop_gc_thread+0x65/0xb0 fs/f2fs/gc.c:210\n f2fs_do_shutdown+0x192/0x540 fs/f2fs/file.c:2283\n f2fs_ioc_shutdown fs/f2fs/file.c:2325 [inline]\n __f2fs_ioctl+0x443a/0xbe60 fs/f2fs/file.c:4325\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe root cause is below race condition, it may cause use-after-free\nissue in sbi->gc_th pointer.\n\n- remount\n - f2fs_remount\n - f2fs_stop_gc_thread\n - kfree(gc_th)\n\t\t\t\t- f2fs_ioc_shutdown\n\t\t\t\t - f2fs_do_shutdown\n\t\t\t\t - f2fs_stop_gc_thread\n\t\t\t\t - kthread_stop(gc_th->f2fs_gc_task)\n : sbi->gc_thread = NULL;\n\nWe will call f2fs_do_shutdown() in two paths:\n- for f2fs_ioc_shutdown() path, we should grab sb->s_umount semaphore\nfor fixing.\n- for f2fs_shutdown() path, it's safe since caller has already grabbed\nsb->s_umount semaphore.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47691", url: "https://www.suse.com/security/cve/CVE-2024-47691", }, { category: "external", summary: "SUSE Bug 1232012 for CVE-2024-47691", url: "https://bugzilla.suse.com/1232012", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47691", }, { cve: "CVE-2024-47692", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47692", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: return -EINVAL when namelen is 0\n\nWhen we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may\nresult in namelen being 0, which will cause memdup_user() to return\nZERO_SIZE_PTR.\nWhen we access the name.data that has been assigned the value of\nZERO_SIZE_PTR in nfs4_client_to_reclaim(), null pointer dereference is\ntriggered.\n\n[ T1205] ==================================================================\n[ T1205] BUG: KASAN: null-ptr-deref in nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] Read of size 1 at addr 0000000000000010 by task nfsdcld/1205\n[ T1205]\n[ T1205] CPU: 11 PID: 1205 Comm: nfsdcld Not tainted 5.10.0-00003-g2c1423731b8d #406\n[ T1205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\n[ T1205] Call Trace:\n[ T1205] dump_stack+0x9a/0xd0\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] __kasan_report.cold+0x34/0x84\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] kasan_report+0x3a/0x50\n[ T1205] nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] ? nfsd4_release_lockowner+0x410/0x410\n[ T1205] cld_pipe_downcall+0x5ca/0x760\n[ T1205] ? nfsd4_cld_tracking_exit+0x1d0/0x1d0\n[ T1205] ? down_write_killable_nested+0x170/0x170\n[ T1205] ? avc_policy_seqno+0x28/0x40\n[ T1205] ? selinux_file_permission+0x1b4/0x1e0\n[ T1205] rpc_pipe_write+0x84/0xb0\n[ T1205] vfs_write+0x143/0x520\n[ T1205] ksys_write+0xc9/0x170\n[ T1205] ? __ia32_sys_read+0x50/0x50\n[ T1205] ? ktime_get_coarse_real_ts64+0xfe/0x110\n[ T1205] ? ktime_get_coarse_real_ts64+0xa2/0x110\n[ T1205] do_syscall_64+0x33/0x40\n[ T1205] entry_SYSCALL_64_after_hwframe+0x67/0xd1\n[ T1205] RIP: 0033:0x7fdbdb761bc7\n[ T1205] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 514\n[ T1205] RSP: 002b:00007fff8c4b7248 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ T1205] RAX: ffffffffffffffda RBX: 000000000000042b RCX: 00007fdbdb761bc7\n[ T1205] RDX: 000000000000042b RSI: 00007fff8c4b75f0 RDI: 0000000000000008\n[ T1205] RBP: 00007fdbdb761bb0 R08: 0000000000000000 R09: 0000000000000001\n[ T1205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000042b\n[ T1205] R13: 0000000000000008 R14: 00007fff8c4b75f0 R15: 0000000000000000\n[ T1205] ==================================================================\n\nFix it by checking namelen.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47692", url: "https://www.suse.com/security/cve/CVE-2024-47692", }, { category: "external", summary: "SUSE Bug 1231857 for CVE-2024-47692", url: "https://bugzilla.suse.com/1231857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47692", }, { cve: "CVE-2024-47693", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47693", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/core: Fix ib_cache_setup_one error flow cleanup\n\nWhen ib_cache_update return an error, we exit ib_cache_setup_one\ninstantly with no proper cleanup, even though before this we had\nalready successfully done gid_table_setup_one, that results in\nthe kernel WARN below.\n\nDo proper cleanup using gid_table_cleanup_one before returning\nthe err in order to fix the issue.\n\nWARNING: CPU: 4 PID: 922 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x181/0x1a0\nModules linked in:\nCPU: 4 UID: 0 PID: 922 Comm: c_repro Not tainted 6.11.0-rc1+ #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:gid_table_release_one+0x181/0x1a0\nCode: 44 8b 38 75 0c e8 2f cb 34 ff 4d 8b b5 28 05 00 00 e8 23 cb 34 ff 44 89 f9 89 da 4c 89 f6 48 c7 c7 d0 58 14 83 e8 4f de 21 ff <0f> 0b 4c 8b 75 30 e9 54 ff ff ff 48 8 3 c4 10 5b 5d 41 5c 41 5d 41\nRSP: 0018:ffffc90002b835b0 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c8527\nRDX: 0000000000000000 RSI: ffffffff811c8534 RDI: 0000000000000001\nRBP: ffff8881011b3d00 R08: ffff88810b3abe00 R09: 205d303839303631\nR10: 666572207972746e R11: 72746e6520444947 R12: 0000000000000001\nR13: ffff888106390000 R14: ffff8881011f2110 R15: 0000000000000001\nFS: 00007fecc3b70800(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000340 CR3: 000000010435a001 CR4: 00000000003706b0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n ? show_regs+0x94/0xa0\n ? __warn+0x9e/0x1c0\n ? gid_table_release_one+0x181/0x1a0\n ? report_bug+0x1f9/0x340\n ? gid_table_release_one+0x181/0x1a0\n ? handle_bug+0xa2/0x110\n ? exc_invalid_op+0x31/0xa0\n ? asm_exc_invalid_op+0x16/0x20\n ? __warn_printk+0xc7/0x180\n ? __warn_printk+0xd4/0x180\n ? gid_table_release_one+0x181/0x1a0\n ib_device_release+0x71/0xe0\n ? __pfx_ib_device_release+0x10/0x10\n device_release+0x44/0xd0\n kobject_put+0x135/0x3d0\n put_device+0x20/0x30\n rxe_net_add+0x7d/0xa0\n rxe_newlink+0xd7/0x190\n nldev_newlink+0x1b0/0x2a0\n ? __pfx_nldev_newlink+0x10/0x10\n rdma_nl_rcv_msg+0x1ad/0x2e0\n rdma_nl_rcv_skb.constprop.0+0x176/0x210\n netlink_unicast+0x2de/0x400\n netlink_sendmsg+0x306/0x660\n __sock_sendmsg+0x110/0x120\n ____sys_sendmsg+0x30e/0x390\n ___sys_sendmsg+0x9b/0xf0\n ? kstrtouint+0x6e/0xa0\n ? kstrtouint_from_user+0x7c/0xb0\n ? get_pid_task+0xb0/0xd0\n ? proc_fail_nth_write+0x5b/0x140\n ? __fget_light+0x9a/0x200\n ? preempt_count_add+0x47/0xa0\n __sys_sendmsg+0x61/0xd0\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47693", url: "https://www.suse.com/security/cve/CVE-2024-47693", }, { category: "external", summary: "SUSE Bug 1232013 for CVE-2024-47693", url: "https://bugzilla.suse.com/1232013", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-47693", }, { cve: "CVE-2024-47694", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47694", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix UMR pd cleanup on error flow of driver init\n\nThe cited commit moves the pd allocation from function\nmlx5r_umr_resource_cleanup() to a new function mlx5r_umr_cleanup().\nSo the fix in commit [1] is broken. In error flow, will hit panic [2].\n\nFix it by checking pd pointer to avoid panic if it is NULL;\n\n[1] RDMA/mlx5: Fix UMR cleanup on error flow of driver init\n[2]\n [ 347.567063] infiniband mlx5_0: Couldn't register device with driver model\n [ 347.591382] BUG: kernel NULL pointer dereference, address: 0000000000000020\n [ 347.593438] #PF: supervisor read access in kernel mode\n [ 347.595176] #PF: error_code(0x0000) - not-present page\n [ 347.596962] PGD 0 P4D 0\n [ 347.601361] RIP: 0010:ib_dealloc_pd_user+0x12/0xc0 [ib_core]\n [ 347.604171] RSP: 0018:ffff888106293b10 EFLAGS: 00010282\n [ 347.604834] RAX: 0000000000000000 RBX: 000000000000000e RCX: 0000000000000000\n [ 347.605672] RDX: ffff888106293ad0 RSI: 0000000000000000 RDI: 0000000000000000\n [ 347.606529] RBP: 0000000000000000 R08: ffff888106293ae0 R09: ffff888106293ae0\n [ 347.607379] R10: 0000000000000a06 R11: 0000000000000000 R12: 0000000000000000\n [ 347.608224] R13: ffffffffa0704dc0 R14: 0000000000000001 R15: 0000000000000001\n [ 347.609067] FS: 00007fdc720cd9c0(0000) GS:ffff88852c880000(0000) knlGS:0000000000000000\n [ 347.610094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 347.610727] CR2: 0000000000000020 CR3: 0000000103012003 CR4: 0000000000370eb0\n [ 347.611421] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [ 347.612113] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n [ 347.612804] Call Trace:\n [ 347.613130] <TASK>\n [ 347.613417] ? __die+0x20/0x60\n [ 347.613793] ? page_fault_oops+0x150/0x3e0\n [ 347.614243] ? free_msg+0x68/0x80 [mlx5_core]\n [ 347.614840] ? cmd_exec+0x48f/0x11d0 [mlx5_core]\n [ 347.615359] ? exc_page_fault+0x74/0x130\n [ 347.615808] ? asm_exc_page_fault+0x22/0x30\n [ 347.616273] ? ib_dealloc_pd_user+0x12/0xc0 [ib_core]\n [ 347.616801] mlx5r_umr_cleanup+0x23/0x90 [mlx5_ib]\n [ 347.617365] mlx5_ib_stage_pre_ib_reg_umr_cleanup+0x36/0x40 [mlx5_ib]\n [ 347.618025] __mlx5_ib_add+0x96/0xd0 [mlx5_ib]\n [ 347.618539] mlx5r_probe+0xe9/0x310 [mlx5_ib]\n [ 347.619032] ? kernfs_add_one+0x107/0x150\n [ 347.619478] ? __mlx5_ib_add+0xd0/0xd0 [mlx5_ib]\n [ 347.619984] auxiliary_bus_probe+0x3e/0x90\n [ 347.620448] really_probe+0xc5/0x3a0\n [ 347.620857] __driver_probe_device+0x80/0x160\n [ 347.621325] driver_probe_device+0x1e/0x90\n [ 347.621770] __driver_attach+0xec/0x1c0\n [ 347.622213] ? __device_attach_driver+0x100/0x100\n [ 347.622724] bus_for_each_dev+0x71/0xc0\n [ 347.623151] bus_add_driver+0xed/0x240\n [ 347.623570] driver_register+0x58/0x100\n [ 347.623998] __auxiliary_driver_register+0x6a/0xc0\n [ 347.624499] ? driver_register+0xae/0x100\n [ 347.624940] ? 0xffffffffa0893000\n [ 347.625329] mlx5_ib_init+0x16a/0x1e0 [mlx5_ib]\n [ 347.625845] do_one_initcall+0x4a/0x2a0\n [ 347.626273] ? gcov_event+0x2e2/0x3a0\n [ 347.626706] do_init_module+0x8a/0x260\n [ 347.627126] init_module_from_file+0x8b/0xd0\n [ 347.627596] __x64_sys_finit_module+0x1ca/0x2f0\n [ 347.628089] do_syscall_64+0x4c/0x100", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47694", url: "https://www.suse.com/security/cve/CVE-2024-47694", }, { category: "external", summary: "SUSE Bug 1232014 for CVE-2024-47694", url: "https://bugzilla.suse.com/1232014", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47694", }, { cve: "CVE-2024-47695", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47695", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds\n\nIn the function init_conns(), after the create_con() and create_cm() for\nloop if something fails. In the cleanup for loop after the destroy tag, we\naccess out of bound memory because cid is set to clt_path->s.con_num.\n\nThis commits resets the cid to clt_path->s.con_num - 1, to stay in bounds\nin the cleanup loop later.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47695", url: "https://www.suse.com/security/cve/CVE-2024-47695", }, { category: "external", summary: "SUSE Bug 1231931 for CVE-2024-47695", url: "https://bugzilla.suse.com/1231931", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47695", }, { cve: "CVE-2024-47696", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47696", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency\n\nIn the commit aee2424246f9 (\"RDMA/iwcm: Fix a use-after-free related to\ndestroying CM IDs\"), the function flush_workqueue is invoked to flush the\nwork queue iwcm_wq.\n\nBut at that time, the work queue iwcm_wq was created via the function\nalloc_ordered_workqueue without the flag WQ_MEM_RECLAIM.\n\nBecause the current process is trying to flush the whole iwcm_wq, if\niwcm_wq doesn't have the flag WQ_MEM_RECLAIM, verify that the current\nprocess is not reclaiming memory or running on a workqueue which doesn't\nhave the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee\nleading to a deadlock.\n\nThe call trace is as below:\n\n[ 125.350876][ T1430] Call Trace:\n[ 125.356281][ T1430] <TASK>\n[ 125.361285][ T1430] ? __warn (kernel/panic.c:693)\n[ 125.367640][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.375689][ T1430] ? report_bug (lib/bug.c:180 lib/bug.c:219)\n[ 125.382505][ T1430] ? handle_bug (arch/x86/kernel/traps.c:239)\n[ 125.388987][ T1430] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n[ 125.395831][ T1430] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 125.403125][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.410984][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.418764][ T1430] __flush_workqueue (kernel/workqueue.c:3970)\n[ 125.426021][ T1430] ? __pfx___might_resched (kernel/sched/core.c:10151)\n[ 125.433431][ T1430] ? destroy_cm_id (drivers/infiniband/core/iwcm.c:375) iw_cm\n[ 125.441209][ T1430] ? __pfx___flush_workqueue (kernel/workqueue.c:3910)\n[ 125.473900][ T1430] ? _raw_spin_lock_irqsave (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 125.473909][ T1430] ? __pfx__raw_spin_lock_irqsave (kernel/locking/spinlock.c:161)\n[ 125.482537][ T1430] _destroy_id (drivers/infiniband/core/cma.c:2044) rdma_cm\n[ 125.495072][ T1430] nvme_rdma_free_queue (drivers/nvme/host/rdma.c:656 drivers/nvme/host/rdma.c:650) nvme_rdma\n[ 125.505827][ T1430] nvme_rdma_reset_ctrl_work (drivers/nvme/host/rdma.c:2180) nvme_rdma\n[ 125.505831][ T1430] process_one_work (kernel/workqueue.c:3231)\n[ 125.515122][ T1430] worker_thread (kernel/workqueue.c:3306 kernel/workqueue.c:3393)\n[ 125.515127][ T1430] ? __pfx_worker_thread (kernel/workqueue.c:3339)\n[ 125.531837][ T1430] kthread (kernel/kthread.c:389)\n[ 125.539864][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.550628][ T1430] ret_from_fork (arch/x86/kernel/process.c:147)\n[ 125.558840][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.558844][ T1430] ret_from_fork_asm (arch/x86/entry/entry_64.S:257)\n[ 125.566487][ T1430] </TASK>\n[ 125.566488][ T1430] ---[ end trace 0000000000000000 ]---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47696", url: "https://www.suse.com/security/cve/CVE-2024-47696", }, { category: "external", summary: "SUSE Bug 1231864 for CVE-2024-47696", url: "https://bugzilla.suse.com/1231864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47696", }, { cve: "CVE-2024-47697", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47697", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error\n\nEnsure index in rtl2830_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev->filters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index > 32 to index >= 32 to resolve this\nissue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47697", url: "https://www.suse.com/security/cve/CVE-2024-47697", }, { category: "external", summary: "SUSE Bug 1231858 for CVE-2024-47697", url: "https://bugzilla.suse.com/1231858", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47697", }, { cve: "CVE-2024-47698", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47698", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error\n\nEnsure index in rtl2832_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev->filters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index > 32 to index >= 32 to resolve this\nissue.\n\n[hverkuil: added fixes tag, rtl2830_pid_filter -> rtl2832_pid_filter in logmsg]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47698", url: "https://www.suse.com/security/cve/CVE-2024-47698", }, { category: "external", summary: "SUSE Bug 1231859 for CVE-2024-47698", url: "https://bugzilla.suse.com/1231859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47698", }, { cve: "CVE-2024-47699", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47699", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential null-ptr-deref in nilfs_btree_insert()\n\nPatch series \"nilfs2: fix potential issues with empty b-tree nodes\".\n\nThis series addresses three potential issues with empty b-tree nodes that\ncan occur with corrupted filesystem images, including one recently\ndiscovered by syzbot.\n\n\nThis patch (of 3):\n\nIf a b-tree is broken on the device, and the b-tree height is greater than\n2 (the level of the root node is greater than 1) even if the number of\nchild nodes of the b-tree root is 0, a NULL pointer dereference occurs in\nnilfs_btree_prepare_insert(), which is called from nilfs_btree_insert().\n\nThis is because, when the number of child nodes of the b-tree root is 0,\nnilfs_btree_do_lookup() does not set the block buffer head in any of\npath[x].bp_bh, leaving it as the initial value of NULL, but if the level\nof the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(),\nwhich accesses the buffer memory of path[x].bp_bh, is called.\n\nFix this issue by adding a check to nilfs_btree_root_broken(), which\nperforms sanity checks when reading the root node from the device, to\ndetect this inconsistency.\n\nThanks to Lizhi Xu for trying to solve the bug and clarifying the cause\nearly on.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47699", url: "https://www.suse.com/security/cve/CVE-2024-47699", }, { category: "external", summary: "SUSE Bug 1231916 for CVE-2024-47699", url: "https://bugzilla.suse.com/1231916", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47699", }, { cve: "CVE-2024-47700", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47700", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: check stripe size compatibility on remount as well\n\nWe disable stripe size in __ext4_fill_super if it is not a multiple of\nthe cluster ratio however this check is missed when trying to remount.\nThis can leave us with cases where stripe < cluster_ratio after\nremount:set making EXT4_B2C(sbi->s_stripe) become 0 that can cause some\nunforeseen bugs like divide by 0.\n\nFix that by adding the check in remount path as well.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47700", url: "https://www.suse.com/security/cve/CVE-2024-47700", }, { category: "external", summary: "SUSE Bug 1231919 for CVE-2024-47700", url: "https://bugzilla.suse.com/1231919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47700", }, { cve: "CVE-2024-47701", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47701", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n </TASK>\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47701", url: "https://www.suse.com/security/cve/CVE-2024-47701", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-47701", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1231920 for CVE-2024-47701", url: "https://bugzilla.suse.com/1231920", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47701", }, { cve: "CVE-2024-47702", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47702", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fail verification for sign-extension of packet data/data_end/data_meta\n\nsyzbot reported a kernel crash due to\n commit 1f1e864b6555 (\"bpf: Handle sign-extenstin ctx member accesses\").\nThe reason is due to sign-extension of 32-bit load for\npacket data/data_end/data_meta uapi field.\n\nThe original code looks like:\n r2 = *(s32 *)(r1 + 76) /* load __sk_buff->data */\n r3 = *(u32 *)(r1 + 80) /* load __sk_buff->data_end */\n r0 = r2\n r0 += 8\n if r3 > r0 goto +1\n ...\nNote that __sk_buff->data load has 32-bit sign extension.\n\nAfter verification and convert_ctx_accesses(), the final asm code looks like:\n r2 = *(u64 *)(r1 +208)\n r2 = (s32)r2\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 > r0 goto pc+1\n ...\nNote that 'r2 = (s32)r2' may make the kernel __sk_buff->data address invalid\nwhich may cause runtime failure.\n\nCurrently, in C code, typically we have\n void *data = (void *)(long)skb->data;\n void *data_end = (void *)(long)skb->data_end;\n ...\nand it will generate\n r2 = *(u64 *)(r1 +208)\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 > r0 goto pc+1\n\nIf we allow sign-extension,\n void *data = (void *)(long)(int)skb->data;\n void *data_end = (void *)(long)skb->data_end;\n ...\nthe generated code looks like\n r2 = *(u64 *)(r1 +208)\n r2 <<= 32\n r2 s>>= 32\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 > r0 goto pc+1\nand this will cause verification failure since \"r2 <<= 32\" is not allowed\nas \"r2\" is a packet pointer.\n\nTo fix this issue for case\n r2 = *(s32 *)(r1 + 76) /* load __sk_buff->data */\nthis patch added additional checking in is_valid_access() callback\nfunction for packet data/data_end/data_meta access. If those accesses\nare with sign-extenstion, the verification will fail.\n\n [1] https://lore.kernel.org/bpf/000000000000c90eee061d236d37@google.com/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47702", url: "https://www.suse.com/security/cve/CVE-2024-47702", }, { category: "external", summary: "SUSE Bug 1231924 for CVE-2024-47702", url: "https://bugzilla.suse.com/1231924", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47702", }, { cve: "CVE-2024-47703", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47703", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, lsm: Add check for BPF LSM return value\n\nA bpf prog returning a positive number attached to file_alloc_security\nhook makes kernel panic.\n\nThis happens because file system can not filter out the positive number\nreturned by the LSM prog using IS_ERR, and misinterprets this positive\nnumber as a file pointer.\n\nGiven that hook file_alloc_security never returned positive number\nbefore the introduction of BPF LSM, and other BPF LSM hooks may\nencounter similar issues, this patch adds LSM return value check\nin verifier, to ensure no unexpected value is returned.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47703", url: "https://www.suse.com/security/cve/CVE-2024-47703", }, { category: "external", summary: "SUSE Bug 1231946 for CVE-2024-47703", url: "https://bugzilla.suse.com/1231946", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47703", }, { cve: "CVE-2024-47704", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47704", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check link_res->hpo_dp_link_enc before using it\n\n[WHAT & HOW]\nFunctions dp_enable_link_phy and dp_disable_link_phy can pass link_res\nwithout initializing hpo_dp_link_enc and it is necessary to check for\nnull before dereferencing.\n\nThis fixes 2 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47704", url: "https://www.suse.com/security/cve/CVE-2024-47704", }, { category: "external", summary: "SUSE Bug 1231944 for CVE-2024-47704", url: "https://bugzilla.suse.com/1231944", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47704", }, { cve: "CVE-2024-47705", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47705", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix potential invalid pointer dereference in blk_add_partition\n\nThe blk_add_partition() function initially used a single if-condition\n(IS_ERR(part)) to check for errors when adding a partition. This was\nmodified to handle the specific case of -ENXIO separately, allowing the\nfunction to proceed without logging the error in this case. However,\nthis change unintentionally left a path where md_autodetect_dev()\ncould be called without confirming that part is a valid pointer.\n\nThis commit separates the error handling logic by splitting the\ninitial if-condition, improving code readability and handling specific\nerror scenarios explicitly. The function now distinguishes the general\nerror case from -ENXIO without altering the existing behavior of\nmd_autodetect_dev() calls.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47705", url: "https://www.suse.com/security/cve/CVE-2024-47705", }, { category: "external", summary: "SUSE Bug 1231872 for CVE-2024-47705", url: "https://bugzilla.suse.com/1231872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47705", }, { cve: "CVE-2024-47706", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47706", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix possible UAF for bfqq->bic with merge chain\n\n1) initial state, three tasks:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | Λ | Λ\t\t | Λ\n\t\t | | | |\t\t | |\n\t\t V | V |\t\t V |\n\t\t bfqq1 bfqq2\t\t bfqq3\nprocess ref:\t 1\t\t 1\t\t 1\n\n2) bfqq1 merged to bfqq2:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | |\t\t | Λ\n\t\t \\--------------\\|\t\t | |\n\t\t V\t\t V |\n\t\t bfqq1--------->bfqq2\t\t bfqq3\nprocess ref:\t 0\t\t 2\t\t 1\n\n3) bfqq2 merged to bfqq3:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t here -> Λ |\t\t |\n\t\t \\--------------\\ \\-------------\\|\n\t\t V\t\t V\n\t\t bfqq1--------->bfqq2---------->bfqq3\nprocess ref:\t 0\t\t 1\t\t 3\n\nIn this case, IO from Process 1 will get bfqq2 from BIC1 first, and then\nget bfqq3 through merge chain, and finially handle IO by bfqq3.\nHowerver, current code will think bfqq2 is owned by BIC1, like initial\nstate, and set bfqq2->bic to BIC1.\n\nbfq_insert_request\n-> by Process 1\n bfqq = bfq_init_rq(rq)\n bfqq = bfq_get_bfqq_handle_split\n bfqq = bic_to_bfqq\n -> get bfqq2 from BIC1\n bfqq->ref++\n rq->elv.priv[0] = bic\n rq->elv.priv[1] = bfqq\n if (bfqq_process_refs(bfqq) == 1)\n bfqq->bic = bic\n -> record BIC1 to bfqq2\n\n __bfq_insert_request\n new_bfqq = bfq_setup_cooperator\n -> get bfqq3 from bfqq2->new_bfqq\n bfqq_request_freed(bfqq)\n new_bfqq->ref++\n rq->elv.priv[1] = new_bfqq\n -> handle IO by bfqq3\n\nFix the problem by checking bfqq is from merge chain fist. And this\nmight fix a following problem reported by our syzkaller(unreproducible):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\nBUG: KASAN: slab-use-after-free in bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\nBUG: KASAN: slab-use-after-free in bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\nWrite of size 1 at addr ffff888123839eb8 by task kworker/0:1H/18595\n\nCPU: 0 PID: 18595 Comm: kworker/0:1H Tainted: G L 6.6.0-07439-gba2303cacfda #6\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nWorkqueue: kblockd blk_mq_requeue_work\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0x10d/0x610 mm/kasan/report.c:475\n kasan_report+0x8e/0xc0 mm/kasan/report.c:588\n bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\n bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\n bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\n bfq_get_bfqq_handle_split+0x169/0x5d0 block/bfq-iosched.c:6757\n bfq_init_rq block/bfq-iosched.c:6876 [inline]\n bfq_insert_request block/bfq-iosched.c:6254 [inline]\n bfq_insert_requests+0x1112/0x5cf0 block/bfq-iosched.c:6304\n blk_mq_insert_request+0x290/0x8d0 block/blk-mq.c:2593\n blk_mq_requeue_work+0x6bc/0xa70 block/blk-mq.c:1502\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700\n worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781\n kthread+0x33c/0x440 kernel/kthread.c:388\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305\n </TASK>\n\nAllocated by task 20776:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:763 [inline]\n slab_alloc_node mm/slub.c:3458 [inline]\n kmem_cache_alloc_node+0x1a4/0x6f0 mm/slub.c:3503\n ioc_create_icq block/blk-ioc.c:370 [inline]\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47706", url: "https://www.suse.com/security/cve/CVE-2024-47706", }, { category: "external", summary: "SUSE Bug 1231942 for CVE-2024-47706", url: "https://bugzilla.suse.com/1231942", }, { category: "external", summary: "SUSE Bug 1231943 for CVE-2024-47706", url: "https://bugzilla.suse.com/1231943", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47706", }, { cve: "CVE-2024-47707", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47707", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()\n\nBlamed commit accidentally removed a check for rt->rt6i_idev being NULL,\nas spotted by syzbot:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 1 UID: 0 PID: 10998 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00208-g625403177711 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline]\n RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914\nCode: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06\nRSP: 0018:ffffc900047374e0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0\nRBP: ffffc900047375d0 R08: 0000000000000003 R09: fffff520008e6e8c\nR10: dffffc0000000000 R11: fffff520008e6e8c R12: 1ffff1100fdf8f18\nR13: ffff88807efc7998 R14: 0000000000000000 R15: ffff88807efc7930\nFS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020002a80 CR3: 0000000022f62000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n addrconf_ifdown+0x15d/0x1bd0 net/ipv6/addrconf.c:3856\n addrconf_notify+0x3cb/0x1020\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n unregister_netdevice_many_notify+0xd81/0x1c40 net/core/dev.c:11352\n unregister_netdevice_many net/core/dev.c:11414 [inline]\n unregister_netdevice_queue+0x303/0x370 net/core/dev.c:11289\n unregister_netdevice include/linux/netdevice.h:3129 [inline]\n __tun_detach+0x6b9/0x1600 drivers/net/tun.c:685\n tun_detach drivers/net/tun.c:701 [inline]\n tun_chr_close+0x108/0x1b0 drivers/net/tun.c:3510\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:882\n do_group_exit+0x207/0x2c0 kernel/exit.c:1031\n __do_sys_exit_group kernel/exit.c:1042 [inline]\n __se_sys_exit_group kernel/exit.c:1040 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f1acc77def9\nCode: Unable to access opcode bytes at 0x7f1acc77decf.\nRSP: 002b:00007ffeb26fa738 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1acc77def9\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043\nRBP: 00007f1acc7dd508 R08: 00007ffeb26f84d7 R09: 0000000000000003\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 0000000000000003 R14: 00000000ffffffff R15: 00007ffeb26fa8e0\n </TASK>\nModules linked in:\n---[ end trace 0000000000000000 ]---\n RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline]\n RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914\nCode: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06\nRSP: 0018:ffffc900047374e0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0\nR\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47707", url: "https://www.suse.com/security/cve/CVE-2024-47707", }, { category: "external", summary: "SUSE Bug 1231935 for CVE-2024-47707", url: "https://bugzilla.suse.com/1231935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47707", }, { cve: "CVE-2024-47708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47708", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetkit: Assign missing bpf_net_context\n\nDuring the introduction of struct bpf_net_context handling for\nXDP-redirect, the netkit driver has been missed, which also requires it\nbecause NETKIT_REDIRECT invokes skb_do_redirect() which is accessing the\nper-CPU variables. Otherwise we see the following crash:\n\n\tBUG: kernel NULL pointer dereference, address: 0000000000000038\n\tbpf_redirect()\n\tnetkit_xmit()\n\tdev_hard_start_xmit()\n\nSet the bpf_net_context before invoking netkit_xmit() program within the\nnetkit driver.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47708", url: "https://www.suse.com/security/cve/CVE-2024-47708", }, { category: "external", summary: "SUSE Bug 1231933 for CVE-2024-47708", url: "https://bugzilla.suse.com/1231933", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47708", }, { cve: "CVE-2024-47709", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47709", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Clear bo->bcm_proc_read after remove_proc_entry().\n\nsyzbot reported a warning in bcm_release(). [0]\n\nThe blamed change fixed another warning that is triggered when\nconnect() is issued again for a socket whose connect()ed device has\nbeen unregistered.\n\nHowever, if the socket is just close()d without the 2nd connect(), the\nremaining bo->bcm_proc_read triggers unnecessary remove_proc_entry()\nin bcm_release().\n\nLet's clear bo->bcm_proc_read after remove_proc_entry() in bcm_notify().\n\n[0]\nname '4986'\nWARNING: CPU: 0 PID: 5234 at fs/proc/generic.c:711 remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nModules linked in:\nCPU: 0 UID: 0 PID: 5234 Comm: syz-executor606 Not tainted 6.11.0-rc5-syzkaller-00178-g5517ae241919 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nCode: ff eb 05 e8 cb 1e 5e ff 48 8b 5c 24 10 48 c7 c7 e0 f7 aa 8e e8 2a 38 8e 09 90 48 c7 c7 60 3a 1b 8c 48 89 de e8 da 42 20 ff 90 <0f> 0b 90 90 48 8b 44 24 18 48 c7 44 24 40 0e 36 e0 45 49 c7 04 07\nRSP: 0018:ffffc9000345fa20 EFLAGS: 00010246\nRAX: 2a2d0aee2eb64600 RBX: ffff888032f1f548 RCX: ffff888029431e00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc9000345fb08 R08: ffffffff8155b2f2 R09: 1ffff1101710519a\nR10: dffffc0000000000 R11: ffffed101710519b R12: ffff888011d38640\nR13: 0000000000000004 R14: 0000000000000000 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fcfb52722f0 CR3: 000000000e734000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n bcm_release+0x250/0x880 net/can/bcm.c:1578\n __sock_release net/socket.c:659 [inline]\n sock_close+0xbc/0x240 net/socket.c:1421\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:882\n do_group_exit+0x207/0x2c0 kernel/exit.c:1031\n __do_sys_exit_group kernel/exit.c:1042 [inline]\n __se_sys_exit_group kernel/exit.c:1040 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcfb51ee969\nCode: Unable to access opcode bytes at 0x7fcfb51ee93f.\nRSP: 002b:00007ffce0109ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcfb51ee969\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001\nRBP: 00007fcfb526f3b0 R08: ffffffffffffffb8 R09: 0000555500000000\nR10: 0000555500000000 R11: 0000000000000246 R12: 00007fcfb526f3b0\nR13: 0000000000000000 R14: 00007fcfb5271ee0 R15: 00007fcfb51bf160\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47709", url: "https://www.suse.com/security/cve/CVE-2024-47709", }, { category: "external", summary: "SUSE Bug 1232048 for CVE-2024-47709", url: "https://bugzilla.suse.com/1232048", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47709", }, { cve: "CVE-2024-47710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47710", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsock_map: Add a cond_resched() in sock_hash_free()\n\nSeveral syzbot soft lockup reports all have in common sock_hash_free()\n\nIf a map with a large number of buckets is destroyed, we need to yield\nthe cpu when needed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47710", url: "https://www.suse.com/security/cve/CVE-2024-47710", }, { category: "external", summary: "SUSE Bug 1232049 for CVE-2024-47710", url: "https://bugzilla.suse.com/1232049", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-47710", }, { cve: "CVE-2024-47711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47711", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Don't return OOB skb in manage_oob().\n\nsyzbot reported use-after-free in unix_stream_recv_urg(). [0]\n\nThe scenario is\n\n 1. send(MSG_OOB)\n 2. recv(MSG_OOB)\n -> The consumed OOB remains in recv queue\n 3. send(MSG_OOB)\n 4. recv()\n -> manage_oob() returns the next skb of the consumed OOB\n -> This is also OOB, but unix_sk(sk)->oob_skb is not cleared\n 5. recv(MSG_OOB)\n -> unix_sk(sk)->oob_skb is used but already freed\n\nThe recent commit 8594d9b85c07 (\"af_unix: Don't call skb_get() for OOB\nskb.\") uncovered the issue.\n\nIf the OOB skb is consumed and the next skb is peeked in manage_oob(),\nwe still need to check if the skb is OOB.\n\nLet's do so by falling back to the following checks in manage_oob()\nand add the test case in selftest.\n\nNote that we need to add a similar check for SIOCATMARK.\n\n[0]:\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa6/0xb0 net/unix/af_unix.c:2959\nRead of size 4 at addr ffff8880326abcc4 by task syz-executor178/5235\n\nCPU: 0 UID: 0 PID: 5235 Comm: syz-executor178 Not tainted 6.11.0-rc5-syzkaller-00742-gfbdaffe41adc #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n unix_stream_read_actor+0xa6/0xb0 net/unix/af_unix.c:2959\n unix_stream_recv_urg+0x1df/0x320 net/unix/af_unix.c:2640\n unix_stream_read_generic+0x2456/0x2520 net/unix/af_unix.c:2778\n unix_stream_recvmsg+0x22b/0x2c0 net/unix/af_unix.c:2996\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x22f/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2816\n ___sys_recvmsg net/socket.c:2858 [inline]\n __sys_recvmsg+0x2f0/0x3e0 net/socket.c:2888\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f5360d6b4e9\nCode: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff29b3a458 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 00007fff29b3a638 RCX: 00007f5360d6b4e9\nRDX: 0000000000002001 RSI: 0000000020000640 RDI: 0000000000000003\nRBP: 00007f5360dde610 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007fff29b3a628 R14: 0000000000000001 R15: 0000000000000001\n </TASK>\n\nAllocated by task 5235:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:312 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:338\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3988 [inline]\n slab_alloc_node mm/slub.c:4037 [inline]\n kmem_cache_alloc_node_noprof+0x16b/0x320 mm/slub.c:4080\n __alloc_skb+0x1c3/0x440 net/core/skbuff.c:667\n alloc_skb include/linux/skbuff.h:1320 [inline]\n alloc_skb_with_frags+0xc3/0x770 net/core/skbuff.c:6528\n sock_alloc_send_pskb+0x91a/0xa60 net/core/sock.c:2815\n sock_alloc_send_skb include/net/sock.h:1778 [inline]\n queue_oob+0x108/0x680 net/unix/af_unix.c:2198\n unix_stream_sendmsg+0xd24/0xf80 net/unix/af_unix.c:2351\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 5235:\n kasan_save_stack mm/kasan/common.c:47\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47711", url: "https://www.suse.com/security/cve/CVE-2024-47711", }, { category: "external", summary: "SUSE Bug 1232054 for CVE-2024-47711", url: "https://bugzilla.suse.com/1232054", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47711", }, { cve: "CVE-2024-47712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47712", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param\n\nIn the `wilc_parse_join_bss_param` function, the TSF field of the `ies`\nstructure is accessed after the RCU read-side critical section is\nunlocked. According to RCU usage rules, this is illegal. Reusing this\npointer can lead to unpredictable behavior, including accessing memory\nthat has been updated or causing use-after-free issues.\n\nThis possible bug was identified using a static analysis tool developed\nby myself, specifically designed to detect RCU-related issues.\n\nTo address this, the TSF value is now stored in a local variable\n`ies_tsf` before the RCU lock is released. The `param->tsf_lo` field is\nthen assigned using this local variable, ensuring that the TSF value is\nsafely accessed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47712", url: "https://www.suse.com/security/cve/CVE-2024-47712", }, { category: "external", summary: "SUSE Bug 1232017 for CVE-2024-47712", url: "https://bugzilla.suse.com/1232017", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47712", }, { cve: "CVE-2024-47713", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47713", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()\n\nSince '__dev_queue_xmit()' should be called with interrupts enabled,\nthe following backtrace:\n\nieee80211_do_stop()\n ...\n spin_lock_irqsave(&local->queue_stop_reason_lock, flags)\n ...\n ieee80211_free_txskb()\n ieee80211_report_used_skb()\n ieee80211_report_ack_skb()\n cfg80211_mgmt_tx_status_ext()\n nl80211_frame_tx_status()\n genlmsg_multicast_netns()\n genlmsg_multicast_netns_filtered()\n nlmsg_multicast_filtered()\n\t netlink_broadcast_filtered()\n\t do_one_broadcast()\n\t netlink_broadcast_deliver()\n\t __netlink_sendskb()\n\t netlink_deliver_tap()\n\t __netlink_deliver_tap_skb()\n\t dev_queue_xmit()\n\t __dev_queue_xmit() ; with IRQS disabled\n ...\n spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags)\n\nissues the warning (as reported by syzbot reproducer):\n\nWARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120\n\nFix this by implementing a two-phase skb reclamation in\n'ieee80211_do_stop()', where actual work is performed\noutside of a section with interrupts disabled.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47713", url: "https://www.suse.com/security/cve/CVE-2024-47713", }, { category: "external", summary: "SUSE Bug 1232016 for CVE-2024-47713", url: "https://bugzilla.suse.com/1232016", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47713", }, { cve: "CVE-2024-47714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47714", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: use hweight16 to get correct tx antenna\n\nThe chainmask is u16 so using hweight8 cannot get correct tx_ant.\nWithout this patch, the tx_ant of band 2 would be -1 and lead to the\nfollowing issue:\nBUG: KASAN: stack-out-of-bounds in mt7996_mcu_add_sta+0x12e0/0x16e0 [mt7996e]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47714", url: "https://www.suse.com/security/cve/CVE-2024-47714", }, { category: "external", summary: "SUSE Bug 1232018 for CVE-2024-47714", url: "https://bugzilla.suse.com/1232018", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-47714", }, { cve: "CVE-2024-47715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47715", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7915: fix oops on non-dbdc mt7986\n\nmt7915_band_config() sets band_idx = 1 on the main phy for mt7986\nwith MT7975_ONE_ADIE or MT7976_ONE_ADIE.\n\nCommit 0335c034e726 (\"wifi: mt76: fix race condition related to\nchecking tx queue fill status\") introduced a dereference of the\nphys array indirectly indexed by band_idx via wcid->phy_idx in\nmt76_wcid_cleanup(). This caused the following Oops on affected\nmt7986 devices:\n\n Unable to handle kernel read from unreadable memory at virtual address 0000000000000024\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005\n CM = 0, WnR = 0\n user pgtable: 4k pages, 39-bit VAs, pgdp=0000000042545000\n [0000000000000024] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] SMP\n Modules linked in: ... mt7915e mt76_connac_lib mt76 mac80211 cfg80211 ...\n CPU: 2 PID: 1631 Comm: hostapd Not tainted 5.15.150 #0\n Hardware name: ZyXEL EX5700 (Telenor) (DT)\n pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mt76_wcid_cleanup+0x84/0x22c [mt76]\n lr : mt76_wcid_cleanup+0x64/0x22c [mt76]\n sp : ffffffc00a803700\n x29: ffffffc00a803700 x28: ffffff80008f7300 x27: ffffff80003f3c00\n x26: ffffff80000a7880 x25: ffffffc008c26e00 x24: 0000000000000001\n x23: ffffffc000a68114 x22: 0000000000000000 x21: ffffff8004172cc8\n x20: ffffffc00a803748 x19: ffffff8004152020 x18: 0000000000000000\n x17: 00000000000017c0 x16: ffffffc008ef5000 x15: 0000000000000be0\n x14: ffffff8004172e28 x13: ffffff8004172e28 x12: 0000000000000000\n x11: 0000000000000000 x10: ffffff8004172e30 x9 : ffffff8004172e28\n x8 : 0000000000000000 x7 : ffffff8004156020 x6 : 0000000000000000\n x5 : 0000000000000031 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : ffffff80008f7300 x0 : 0000000000000024\n Call trace:\n mt76_wcid_cleanup+0x84/0x22c [mt76]\n __mt76_sta_remove+0x70/0xbc [mt76]\n mt76_sta_state+0x8c/0x1a4 [mt76]\n mt7915_eeprom_get_power_delta+0x11e4/0x23a0 [mt7915e]\n drv_sta_state+0x144/0x274 [mac80211]\n sta_info_move_state+0x1cc/0x2a4 [mac80211]\n sta_set_sinfo+0xaf8/0xc24 [mac80211]\n sta_info_destroy_addr_bss+0x4c/0x6c [mac80211]\n\n ieee80211_color_change_finish+0x1c08/0x1e70 [mac80211]\n cfg80211_check_station_change+0x1360/0x4710 [cfg80211]\n genl_family_rcv_msg_doit+0xb4/0x110\n genl_rcv_msg+0xd0/0x1bc\n netlink_rcv_skb+0x58/0x120\n genl_rcv+0x34/0x50\n netlink_unicast+0x1f0/0x2ec\n netlink_sendmsg+0x198/0x3d0\n ____sys_sendmsg+0x1b0/0x210\n ___sys_sendmsg+0x80/0xf0\n __sys_sendmsg+0x44/0xa0\n __arm64_sys_sendmsg+0x20/0x30\n invoke_syscall.constprop.0+0x4c/0xe0\n do_el0_svc+0x40/0xd0\n el0_svc+0x14/0x4c\n el0t_64_sync_handler+0x100/0x110\n el0t_64_sync+0x15c/0x160\n Code: d2800002 910092c0 52800023 f9800011 (885f7c01)\n ---[ end trace 7e42dd9a39ed2281 ]---\n\nFix by using mt76_dev_phy() which will map band_idx to the correct phy\nfor all hardware combinations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47715", url: "https://www.suse.com/security/cve/CVE-2024-47715", }, { category: "external", summary: "SUSE Bug 1231860 for CVE-2024-47715", url: "https://bugzilla.suse.com/1231860", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47715", }, { cve: "CVE-2024-47716", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47716", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros\n\nFloating point instructions in userspace can crash some arm kernels\nbuilt with clang/LLD 17.0.6:\n\n BUG: unsupported FP instruction in kernel mode\n FPEXC == 0xc0000780\n Internal error: Oops - undefined instruction: 0 [#1] ARM\n CPU: 0 PID: 196 Comm: vfp-reproducer Not tainted 6.10.0 #1\n Hardware name: BCM2835\n PC is at vfp_support_entry+0xc8/0x2cc\n LR is at do_undefinstr+0xa8/0x250\n pc : [<c0101d50>] lr : [<c010a80c>] psr: a0000013\n sp : dc8d1f68 ip : 60000013 fp : bedea19c\n r10: ec532b17 r9 : 00000010 r8 : 0044766c\n r7 : c0000780 r6 : ec532b17 r5 : c1c13800 r4 : dc8d1fb0\n r3 : c10072c4 r2 : c0101c88 r1 : ec532b17 r0 : 0044766c\n Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\n Control: 00c5387d Table: 0251c008 DAC: 00000051\n Register r0 information: non-paged memory\n Register r1 information: vmalloc memory\n Register r2 information: non-slab/vmalloc memory\n Register r3 information: non-slab/vmalloc memory\n Register r4 information: 2-page vmalloc region\n Register r5 information: slab kmalloc-cg-2k\n Register r6 information: vmalloc memory\n Register r7 information: non-slab/vmalloc memory\n Register r8 information: non-paged memory\n Register r9 information: zero-size pointer\n Register r10 information: vmalloc memory\n Register r11 information: non-paged memory\n Register r12 information: non-paged memory\n Process vfp-reproducer (pid: 196, stack limit = 0x61aaaf8b)\n Stack: (0xdc8d1f68 to 0xdc8d2000)\n 1f60: 0000081f b6f69300 0000000f c10073f4 c10072c4 dc8d1fb0\n 1f80: ec532b17 0c532b17 0044766c b6f9ccd8 00000000 c010a80c 00447670 60000010\n 1fa0: ffffffff c1c13800 00c5387d c0100f10 b6f68af8 00448fc0 00000000 bedea188\n 1fc0: bedea314 00000001 00448ebc b6f9d000 00447608 b6f9ccd8 00000000 bedea19c\n 1fe0: bede9198 bedea188 b6e1061c 0044766c 60000010 ffffffff 00000000 00000000\n Call trace:\n [<c0101d50>] (vfp_support_entry) from [<c010a80c>] (do_undefinstr+0xa8/0x250)\n [<c010a80c>] (do_undefinstr) from [<c0100f10>] (__und_usr+0x70/0x80)\n Exception stack(0xdc8d1fb0 to 0xdc8d1ff8)\n 1fa0: b6f68af8 00448fc0 00000000 bedea188\n 1fc0: bedea314 00000001 00448ebc b6f9d000 00447608 b6f9ccd8 00000000 bedea19c\n 1fe0: bede9198 bedea188 b6e1061c 0044766c 60000010 ffffffff\n Code: 0a000061 e3877202 e594003c e3a09010 (eef16a10)\n ---[ end trace 0000000000000000 ]---\n Kernel panic - not syncing: Fatal exception in interrupt\n ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---\n\nThis is a minimal userspace reproducer on a Raspberry Pi Zero W:\n\n #include <stdio.h>\n #include <math.h>\n\n int main(void)\n {\n double v = 1.0;\n printf(\"%fn\", NAN + *(volatile double *)&v);\n return 0;\n }\n\nAnother way to consistently trigger the oops is:\n\n calvin@raspberry-pi-zero-w ~$ python -c \"import json\"\n\nThe bug reproduces only when the kernel is built with DYNAMIC_DEBUG=n,\nbecause the pr_debug() calls act as barriers even when not activated.\n\nThis is the output from the same kernel source built with the same\ncompiler and DYNAMIC_DEBUG=y, where the userspace reproducer works as\nexpected:\n\n VFP: bounce: trigger ec532b17 fpexc c0000780\n VFP: emulate: INST=0xee377b06 SCR=0x00000000\n VFP: bounce: trigger eef1fa10 fpexc c0000780\n VFP: emulate: INST=0xeeb40b40 SCR=0x00000000\n VFP: raising exceptions 30000000\n\n calvin@raspberry-pi-zero-w ~$ ./vfp-reproducer\n nan\n\nCrudely grepping for vmsr/vmrs instructions in the otherwise nearly\nidential text for vfp_support_entry() makes the problem obvious:\n\n vmlinux.llvm.good [0xc0101cb8] <+48>: vmrs r7, fpexc\n vmlinux.llvm.good [0xc0101cd8] <+80>: vmsr fpexc, r0\n vmlinux.llvm.good [0xc0101d20\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47716", url: "https://www.suse.com/security/cve/CVE-2024-47716", }, { category: "external", summary: "SUSE Bug 1232053 for CVE-2024-47716", url: "https://bugzilla.suse.com/1232053", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47716", }, { cve: "CVE-2024-47717", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47717", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRISC-V: KVM: Don't zero-out PMU snapshot area before freeing data\n\nWith the latest Linux-6.11-rc3, the below NULL pointer crash is observed\nwhen SBI PMU snapshot is enabled for the guest and the guest is forcefully\npowered-off.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000508\n Oops [#1]\n Modules linked in: kvm\n CPU: 0 UID: 0 PID: 61 Comm: term-poll Not tainted 6.11.0-rc3-00018-g44d7178dd77a #3\n Hardware name: riscv-virtio,qemu (DT)\n epc : __kvm_write_guest_page+0x94/0xa6 [kvm]\n ra : __kvm_write_guest_page+0x54/0xa6 [kvm]\n epc : ffffffff01590e98 ra : ffffffff01590e58 sp : ffff8f80001f39b0\n gp : ffffffff81512a60 tp : ffffaf80024872c0 t0 : ffffaf800247e000\n t1 : 00000000000007e0 t2 : 0000000000000000 s0 : ffff8f80001f39f0\n s1 : 00007fff89ac4000 a0 : ffffffff015dd7e8 a1 : 0000000000000086\n a2 : 0000000000000000 a3 : ffffaf8000000000 a4 : ffffaf80024882c0\n a5 : 0000000000000000 a6 : ffffaf800328d780 a7 : 00000000000001cc\n s2 : ffffaf800197bd00 s3 : 00000000000828c4 s4 : ffffaf800248c000\n s5 : ffffaf800247d000 s6 : 0000000000001000 s7 : 0000000000001000\n s8 : 0000000000000000 s9 : 00007fff861fd500 s10: 0000000000000001\n s11: 0000000000800000 t3 : 00000000000004d3 t4 : 00000000000004d3\n t5 : ffffffff814126e0 t6 : ffffffff81412700\n status: 0000000200000120 badaddr: 0000000000000508 cause: 000000000000000d\n [<ffffffff01590e98>] __kvm_write_guest_page+0x94/0xa6 [kvm]\n [<ffffffff015943a6>] kvm_vcpu_write_guest+0x56/0x90 [kvm]\n [<ffffffff015a175c>] kvm_pmu_clear_snapshot_area+0x42/0x7e [kvm]\n [<ffffffff015a1972>] kvm_riscv_vcpu_pmu_deinit.part.0+0xe0/0x14e [kvm]\n [<ffffffff015a2ad0>] kvm_riscv_vcpu_pmu_deinit+0x1a/0x24 [kvm]\n [<ffffffff0159b344>] kvm_arch_vcpu_destroy+0x28/0x4c [kvm]\n [<ffffffff0158e420>] kvm_destroy_vcpus+0x5a/0xda [kvm]\n [<ffffffff0159930c>] kvm_arch_destroy_vm+0x14/0x28 [kvm]\n [<ffffffff01593260>] kvm_destroy_vm+0x168/0x2a0 [kvm]\n [<ffffffff015933d4>] kvm_put_kvm+0x3c/0x58 [kvm]\n [<ffffffff01593412>] kvm_vm_release+0x22/0x2e [kvm]\n\nClearly, the kvm_vcpu_write_guest() function is crashing because it is\nbeing called from kvm_pmu_clear_snapshot_area() upon guest tear down.\n\nTo address the above issue, simplify the kvm_pmu_clear_snapshot_area() to\nnot zero-out PMU snapshot area from kvm_pmu_clear_snapshot_area() because\nthe guest is anyway being tore down.\n\nThe kvm_pmu_clear_snapshot_area() is also called when guest changes\nPMU snapshot area of a VCPU but even in this case the previous PMU\nsnaphsot area must not be zeroed-out because the guest might have\nreclaimed the pervious PMU snapshot area for some other purpose.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47717", url: "https://www.suse.com/security/cve/CVE-2024-47717", }, { category: "external", summary: "SUSE Bug 1232041 for CVE-2024-47717", url: "https://bugzilla.suse.com/1232041", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47717", }, { cve: "CVE-2024-47718", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47718", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: always wait for both firmware loading attempts\n\nIn 'rtw_wait_firmware_completion()', always wait for both (regular and\nwowlan) firmware loading attempts. Otherwise if 'rtw_usb_intf_init()'\nhas failed in 'rtw_usb_probe()', 'rtw_usb_disconnect()' may issue\n'ieee80211_free_hw()' when one of 'rtw_load_firmware_cb()' (usually\nthe wowlan one) is still in progress, causing UAF detected by KASAN.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47718", url: "https://www.suse.com/security/cve/CVE-2024-47718", }, { category: "external", summary: "SUSE Bug 1232015 for CVE-2024-47718", url: "https://bugzilla.suse.com/1232015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47718", }, { cve: "CVE-2024-47719", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47719", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Protect against overflow of ALIGN() during iova allocation\n\nUserspace can supply an iova and uptr such that the target iova alignment\nbecomes really big and ALIGN() overflows which corrupts the selected area\nrange during allocation. CONFIG_IOMMUFD_TEST can detect this:\n\n WARNING: CPU: 1 PID: 5092 at drivers/iommu/iommufd/io_pagetable.c:268 iopt_alloc_area_pages drivers/iommu/iommufd/io_pagetable.c:268 [inline]\n WARNING: CPU: 1 PID: 5092 at drivers/iommu/iommufd/io_pagetable.c:268 iopt_map_pages+0xf95/0x1050 drivers/iommu/iommufd/io_pagetable.c:352\n Modules linked in:\n CPU: 1 PID: 5092 Comm: syz-executor294 Not tainted 6.10.0-rc5-syzkaller-00294-g3ffea9a7a6f7 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024\n RIP: 0010:iopt_alloc_area_pages drivers/iommu/iommufd/io_pagetable.c:268 [inline]\n RIP: 0010:iopt_map_pages+0xf95/0x1050 drivers/iommu/iommufd/io_pagetable.c:352\n Code: fc e9 a4 f3 ff ff e8 1a 8b 4c fc 41 be e4 ff ff ff e9 8a f3 ff ff e8 0a 8b 4c fc 90 0f 0b 90 e9 37 f5 ff ff e8 fc 8a 4c fc 90 <0f> 0b 90 e9 68 f3 ff ff 48 c7 c1 ec 82 ad 8f 80 e1 07 80 c1 03 38\n RSP: 0018:ffffc90003ebf9e0 EFLAGS: 00010293\n RAX: ffffffff85499fa4 RBX: 00000000ffffffef RCX: ffff888079b49e00\n RDX: 0000000000000000 RSI: 00000000ffffffef RDI: 0000000000000000\n RBP: ffffc90003ebfc50 R08: ffffffff85499b30 R09: ffffffff85499942\n R10: 0000000000000002 R11: ffff888079b49e00 R12: ffff8880228e0010\n R13: 0000000000000000 R14: 1ffff920007d7f68 R15: ffffc90003ebfd00\n FS: 000055557d760380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00000000005fdeb8 CR3: 000000007404a000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n iommufd_ioas_copy+0x610/0x7b0 drivers/iommu/iommufd/ioas.c:274\n iommufd_fops_ioctl+0x4d9/0x5a0 drivers/iommu/iommufd/main.c:421\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCap the automatic alignment to the huge page size, which is probably a\nbetter idea overall. Huge automatic alignments can fragment and chew up\nthe available IOVA space without any reason.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47719", url: "https://www.suse.com/security/cve/CVE-2024-47719", }, { category: "external", summary: "SUSE Bug 1231865 for CVE-2024-47719", url: "https://bugzilla.suse.com/1231865", }, { category: "external", summary: "SUSE Bug 1231866 for CVE-2024-47719", url: "https://bugzilla.suse.com/1231866", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47719", }, { cve: "CVE-2024-47720", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47720", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn30_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for nullity at line 386, but then it\nwas being dereferenced without any nullity check at line 401. This\ncould potentially lead to a null pointer dereference error if\nset_output_gamma is indeed null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a nullity check for\nset_output_gamma before the call to set_output_gamma at line 401. If\nset_output_gamma is null, we log an error message and do not call the\nfunction.\n\nThis fix prevents a potential null pointer dereference error.\n\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:401 dcn30_set_output_transfer_func()\nerror: we previously assumed 'mpc->funcs->set_output_gamma' could be null (see line 386)\n\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c\n 373 bool dcn30_set_output_transfer_func(struct dc *dc,\n 374 struct pipe_ctx *pipe_ctx,\n 375 const struct dc_stream_state *stream)\n 376 {\n 377 int mpcc_id = pipe_ctx->plane_res.hubp->inst;\n 378 struct mpc *mpc = pipe_ctx->stream_res.opp->ctx->dc->res_pool->mpc;\n 379 const struct pwl_params *params = NULL;\n 380 bool ret = false;\n 381\n 382 /* program OGAM or 3DLUT only for the top pipe*/\n 383 if (pipe_ctx->top_pipe == NULL) {\n 384 /*program rmu shaper and 3dlut in MPC*/\n 385 ret = dcn30_set_mpc_shaper_3dlut(pipe_ctx, stream);\n 386 if (ret == false && mpc->funcs->set_output_gamma) {\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If this is NULL\n\n 387 if (stream->out_transfer_func.type == TF_TYPE_HWPWL)\n 388 params = &stream->out_transfer_func.pwl;\n 389 else if (pipe_ctx->stream->out_transfer_func.type ==\n 390 TF_TYPE_DISTRIBUTED_POINTS &&\n 391 cm3_helper_translate_curve_to_hw_format(\n 392 &stream->out_transfer_func,\n 393 &mpc->blender_params, false))\n 394 params = &mpc->blender_params;\n 395 /* there are no ROM LUTs in OUTGAM */\n 396 if (stream->out_transfer_func.type == TF_TYPE_PREDEFINED)\n 397 BREAK_TO_DEBUGGER();\n 398 }\n 399 }\n 400\n--> 401 mpc->funcs->set_output_gamma(mpc, mpcc_id, params);\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then it will crash\n\n 402 return ret;\n 403 }", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47720", url: "https://www.suse.com/security/cve/CVE-2024-47720", }, { category: "external", summary: "SUSE Bug 1232043 for CVE-2024-47720", url: "https://bugzilla.suse.com/1232043", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47720", }, { cve: "CVE-2024-47721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47721", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading\n\nThe handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM isn't\nimplemented, but driver expects number of handlers is\nNUM_OF_RTW89_MAC_C2H_FUNC_WOW causing out-of-bounds access. Fix it by\nremoving ID.\n\nAddresses-Coverity-ID: 1598775 (\"Out-of-bounds read\")", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47721", url: "https://www.suse.com/security/cve/CVE-2024-47721", }, { category: "external", summary: "SUSE Bug 1232052 for CVE-2024-47721", url: "https://bugzilla.suse.com/1232052", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47721", }, { cve: "CVE-2024-47723", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47723", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix out-of-bounds in dbNextAG() and diAlloc()\n\nIn dbNextAG() , there is no check for the case where bmp->db_numag is\ngreater or same than MAXAG due to a polluted image, which causes an\nout-of-bounds. Therefore, a bounds check should be added in dbMount().\n\nAnd in dbNextAG(), a check for the case where agpref is greater than\nbmp->db_numag should be added, so an out-of-bounds exception should be\nprevented.\n\nAdditionally, a check for the case where agno is greater or same than\nMAXAG should be added in diAlloc() to prevent out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47723", url: "https://www.suse.com/security/cve/CVE-2024-47723", }, { category: "external", summary: "SUSE Bug 1232050 for CVE-2024-47723", url: "https://bugzilla.suse.com/1232050", }, { category: "external", summary: "SUSE Bug 1232051 for CVE-2024-47723", url: "https://bugzilla.suse.com/1232051", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47723", }, { cve: "CVE-2024-47724", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47724", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: use work queue to process beacon tx event\n\nCommit 3a415daa3e8b (\"wifi: ath11k: add P2P IE in beacon template\")\nfrom Feb 28, 2024 (linux-next), leads to the following Smatch static\nchecker warning:\n\ndrivers/net/wireless/ath/ath11k/wmi.c:1742 ath11k_wmi_p2p_go_bcn_ie()\nwarn: sleeping in atomic context\n\nThe reason is that ath11k_bcn_tx_status_event() will directly call might\nsleep function ath11k_wmi_cmd_send() during RCU read-side critical\nsections. The call trace is like:\n\nath11k_bcn_tx_status_event()\n-> rcu_read_lock()\n-> ath11k_mac_bcn_tx_event()\n\t-> ath11k_mac_setup_bcn_tmpl()\n\t……\n\t\t-> ath11k_wmi_bcn_tmpl()\n\t\t\t-> ath11k_wmi_cmd_send()\n-> rcu_read_unlock()\n\nCommit 886433a98425 (\"ath11k: add support for BSS color change\") added the\nath11k_mac_bcn_tx_event(), commit 01e782c89108 (\"ath11k: fix warning\nof RCU usage for ath11k_mac_get_arvif_by_vdev_id()\") added the RCU lock\nto avoid warning but also introduced this BUG.\n\nUse work queue to avoid directly calling ath11k_mac_bcn_tx_event()\nduring RCU critical sections. No need to worry about the deletion of vif\nbecause cancel_work_sync() will drop the work if it doesn't start or\nblock vif deletion until the running work is done.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47724", url: "https://www.suse.com/security/cve/CVE-2024-47724", }, { category: "external", summary: "SUSE Bug 1232073 for CVE-2024-47724", url: "https://bugzilla.suse.com/1232073", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47724", }, { cve: "CVE-2024-47726", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47726", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to wait dio completion\n\nIt should wait all existing dio write IOs before block removal,\notherwise, previous direct write IO may overwrite data in the\nblock which may be reused by other inode.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47726", url: "https://www.suse.com/security/cve/CVE-2024-47726", }, { category: "external", summary: "SUSE Bug 1232113 for CVE-2024-47726", url: "https://bugzilla.suse.com/1232113", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47726", }, { cve: "CVE-2024-47727", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47727", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Fix \"in-kernel MMIO\" check\n\nTDX only supports kernel-initiated MMIO operations. The handle_mmio()\nfunction checks if the #VE exception occurred in the kernel and rejects\nthe operation if it did not.\n\nHowever, userspace can deceive the kernel into performing MMIO on its\nbehalf. For example, if userspace can point a syscall to an MMIO address,\nsyscall does get_user() or put_user() on it, triggering MMIO #VE. The\nkernel will treat the #VE as in-kernel MMIO.\n\nEnsure that the target MMIO address is within the kernel before decoding\ninstruction.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47727", url: "https://www.suse.com/security/cve/CVE-2024-47727", }, { category: "external", summary: "SUSE Bug 1232116 for CVE-2024-47727", url: "https://bugzilla.suse.com/1232116", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47727", }, { cve: "CVE-2024-47728", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47728", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error\n\nFor all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input\narguments, zero the value for the case of an error as otherwise it could leak\nmemory. For tracing, it is not needed given CAP_PERFMON can already read all\nkernel memory anyway hence bpf_get_func_arg() and bpf_get_func_ret() is skipped\nin here.\n\nAlso, the MTU helpers mtu_len pointer value is being written but also read.\nTechnically, the MEM_UNINIT should not be there in order to always force init.\nRemoving MEM_UNINIT needs more verifier rework though: MEM_UNINIT right now\nimplies two things actually: i) write into memory, ii) memory does not have\nto be initialized. If we lift MEM_UNINIT, it then becomes: i) read into memory,\nii) memory must be initialized. This means that for bpf_*_check_mtu() we're\nreadding the issue we're trying to fix, that is, it would then be able to\nwrite back into things like .rodata BPF maps. Follow-up work will rework the\nMEM_UNINIT semantics such that the intent can be better expressed. For now\njust clear the *mtu_len on error path which can be lifted later again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47728", url: "https://www.suse.com/security/cve/CVE-2024-47728", }, { category: "external", summary: "SUSE Bug 1232076 for CVE-2024-47728", url: "https://bugzilla.suse.com/1232076", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47728", }, { cve: "CVE-2024-47729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47729", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use reserved copy engine for user binds on faulting devices\n\nUser binds map to engines with can fault, faults depend on user binds\ncompletion, thus we can deadlock. Avoid this by using reserved copy\nengine for user binds on faulting devices.\n\nWhile we are here, normalize bind queue creation with a helper.\n\nv2:\n - Pass in extensions to bind queue creation (CI)\nv3:\n - s/resevered/reserved (Lucas)\n - Fix NULL hwe check (Jonathan)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47729", url: "https://www.suse.com/security/cve/CVE-2024-47729", }, { category: "external", summary: "SUSE Bug 1232077 for CVE-2024-47729", url: "https://bugzilla.suse.com/1232077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47729", }, { cve: "CVE-2024-47730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47730", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - inject error before stopping queue\n\nThe master ooo cannot be completely closed when the\naccelerator core reports memory error. Therefore, the driver\nneeds to inject the qm error to close the master ooo. Currently,\nthe qm error is injected after stopping queue, memory may be\nreleased immediately after stopping queue, causing the device to\naccess the released memory. Therefore, error is injected to close master\nooo before stopping queue to ensure that the device does not access\nthe released memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47730", url: "https://www.suse.com/security/cve/CVE-2024-47730", }, { category: "external", summary: "SUSE Bug 1232075 for CVE-2024-47730", url: "https://bugzilla.suse.com/1232075", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47730", }, { cve: "CVE-2024-47731", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47731", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: Fix ali_drw_pmu driver interrupt status clearing\n\nThe alibaba_uncore_pmu driver forgot to clear all interrupt status\nin the interrupt processing function. After the PMU counter overflow\ninterrupt occurred, an interrupt storm occurred, causing the system\nto hang.\n\nTherefore, clear the correct interrupt status in the interrupt handling\nfunction to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47731", url: "https://www.suse.com/security/cve/CVE-2024-47731", }, { category: "external", summary: "SUSE Bug 1232117 for CVE-2024-47731", url: "https://bugzilla.suse.com/1232117", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47731", }, { cve: "CVE-2024-47732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47732", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix potential use after free bug\n\nThe free_device_compression_mode(iaa_device, device_mode) function frees\n\"device_mode\" but it iss passed to iaa_compression_modes[i]->free() a few\nlines later resulting in a use after free.\n\nThe good news is that, so far as I can tell, nothing implements the\n->free() function and the use after free happens in dead code. But, with\nthis fix, when something does implement it, we'll be ready. :)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47732", url: "https://www.suse.com/security/cve/CVE-2024-47732", }, { category: "external", summary: "SUSE Bug 1232109 for CVE-2024-47732", url: "https://bugzilla.suse.com/1232109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47732", }, { cve: "CVE-2024-47733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47733", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Delete subtree of 'fs/netfs' when netfs module exits\n\nIn netfs_init() or fscache_proc_init(), we create dentry under 'fs/netfs',\nbut in netfs_exit(), we only delete the proc entry of 'fs/netfs' without\ndeleting its subtree. This triggers the following WARNING:\n\n==================================================================\nremove_proc_entry: removing non-empty directory 'fs/netfs', leaking at least 'requests'\nWARNING: CPU: 4 PID: 566 at fs/proc/generic.c:717 remove_proc_entry+0x160/0x1c0\nModules linked in: netfs(-)\nCPU: 4 UID: 0 PID: 566 Comm: rmmod Not tainted 6.11.0-rc3 #860\nRIP: 0010:remove_proc_entry+0x160/0x1c0\nCall Trace:\n <TASK>\n netfs_exit+0x12/0x620 [netfs]\n __do_sys_delete_module.isra.0+0x14c/0x2e0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n==================================================================\n\nTherefore use remove_proc_subtree() instead of remove_proc_entry() to\nfix the above problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47733", url: "https://www.suse.com/security/cve/CVE-2024-47733", }, { category: "external", summary: "SUSE Bug 1232110 for CVE-2024-47733", url: "https://bugzilla.suse.com/1232110", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47733", }, { cve: "CVE-2024-47734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47734", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()\n\nsyzbot reported a WARNING in bond_xdp_get_xmit_slave. To reproduce\nthis[1], one bond device (bond1) has xdpdrv, which increases\nbpf_master_redirect_enabled_key. Another bond device (bond0) which is\nunsupported by XDP but its slave (veth3) has xdpgeneric that returns\nXDP_TX. This triggers WARN_ON_ONCE() from the xdp_master_redirect().\nTo reduce unnecessary warnings and improve log management, we need to\ndelete the WARN_ON_ONCE() and add ratelimit to the netdev_err().\n\n[1] Steps to reproduce:\n # Needs tx_xdp with return XDP_TX;\n ip l add veth0 type veth peer veth1\n ip l add veth3 type veth peer veth4\n ip l add bond0 type bond mode 6 # BOND_MODE_ALB, unsupported by XDP\n ip l add bond1 type bond # BOND_MODE_ROUNDROBIN by default\n ip l set veth0 master bond1\n ip l set bond1 up\n # Increases bpf_master_redirect_enabled_key\n ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx\n ip l set veth3 master bond0\n ip l set bond0 up\n ip l set veth4 up\n # Triggers WARN_ON_ONCE() from the xdp_master_redirect()\n ip l set veth3 xdpgeneric object tx_xdp.o section xdp_tx", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47734", url: "https://www.suse.com/security/cve/CVE-2024-47734", }, { category: "external", summary: "SUSE Bug 1232055 for CVE-2024-47734", url: "https://bugzilla.suse.com/1232055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47734", }, { cve: "CVE-2024-47735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47735", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled\n\nFix missuse of spin_lock_irq()/spin_unlock_irq() when\nspin_lock_irqsave()/spin_lock_irqrestore() was hold.\n\nThis was discovered through the lock debugging, and the corresponding\nlog is as follows:\n\nraw_local_irq_restore() called with IRQs enabled\nWARNING: CPU: 96 PID: 2074 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40\n...\nCall trace:\n warn_bogus_irq_restore+0x30/0x40\n _raw_spin_unlock_irqrestore+0x84/0xc8\n add_qp_to_list+0x11c/0x148 [hns_roce_hw_v2]\n hns_roce_create_qp_common.constprop.0+0x240/0x780 [hns_roce_hw_v2]\n hns_roce_create_qp+0x98/0x160 [hns_roce_hw_v2]\n create_qp+0x138/0x258\n ib_create_qp_kernel+0x50/0xe8\n create_mad_qp+0xa8/0x128\n ib_mad_port_open+0x218/0x448\n ib_mad_init_device+0x70/0x1f8\n add_client_context+0xfc/0x220\n enable_device_and_get+0xd0/0x140\n ib_register_device.part.0+0xf4/0x1c8\n ib_register_device+0x34/0x50\n hns_roce_register_device+0x174/0x3d0 [hns_roce_hw_v2]\n hns_roce_init+0xfc/0x2c0 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x7c/0x1d0 [hns_roce_hw_v2]\n hns_roce_hw_v2_init_instance+0x9c/0x180 [hns_roce_hw_v2]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47735", url: "https://www.suse.com/security/cve/CVE-2024-47735", }, { category: "external", summary: "SUSE Bug 1232111 for CVE-2024-47735", url: "https://bugzilla.suse.com/1232111", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47735", }, { cve: "CVE-2024-47736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47736", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: handle overlapped pclusters out of crafted images properly\n\nsyzbot reported a task hang issue due to a deadlock case where it is\nwaiting for the folio lock of a cached folio that will be used for\ncache I/Os.\n\nAfter looking into the crafted fuzzed image, I found it's formed with\nseveral overlapped big pclusters as below:\n\n Ext: logical offset | length : physical offset | length\n 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384\n 1: 16384.. 32768 | 16384 : 155648.. 172032 | 16384\n 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384\n...\n\nHere, extent 0/1 are physically overlapped although it's entirely\n_impossible_ for normal filesystem images generated by mkfs.\n\nFirst, managed folios containing compressed data will be marked as\nup-to-date and then unlocked immediately (unlike in-place folios) when\ncompressed I/Os are complete. If physical blocks are not submitted in\nthe incremental order, there should be separate BIOs to avoid dependency\nissues. However, the current code mis-arranges z_erofs_fill_bio_vec()\nand BIO submission which causes unexpected BIO waits.\n\nSecond, managed folios will be connected to their own pclusters for\nefficient inter-queries. However, this is somewhat hard to implement\neasily if overlapped big pclusters exist. Again, these only appear in\nfuzzed images so let's simply fall back to temporary short-lived pages\nfor correctness.\n\nAdditionally, it justifies that referenced managed folios cannot be\ntruncated for now and reverts part of commit 2080ca1ed3e4 (\"erofs: tidy\nup `struct z_erofs_bvec`\") for simplicity although it shouldn't be any\ndifference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47736", url: "https://www.suse.com/security/cve/CVE-2024-47736", }, { category: "external", summary: "SUSE Bug 1232112 for CVE-2024-47736", url: "https://bugzilla.suse.com/1232112", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47736", }, { cve: "CVE-2024-47737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47737", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: call cache_put if xdr_reserve_space returns NULL\n\nIf not enough buffer space available, but idmap_lookup has triggered\nlookup_fn which calls cache_get and returns successfully. Then we\nmissed to call cache_put here which pairs with cache_get.\n\nReviwed-by: Jeff Layton <jlayton@kernel.org>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47737", url: "https://www.suse.com/security/cve/CVE-2024-47737", }, { category: "external", summary: "SUSE Bug 1232056 for CVE-2024-47737", url: "https://bugzilla.suse.com/1232056", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47737", }, { cve: "CVE-2024-47738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47738", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don't use rate mask for offchannel TX either\n\nLike the commit ab9177d83c04 (\"wifi: mac80211: don't use rate mask for\nscanning\"), ignore incorrect settings to avoid no supported rate warning\nreported by syzbot.\n\nThe syzbot did bisect and found cause is commit 9df66d5b9f45 (\"cfg80211:\nfix default HE tx bitrate mask in 2G band\"), which however corrects\nbitmask of HE MCS and recognizes correctly settings of empty legacy rate\nplus HE MCS rate instead of returning -EINVAL.\n\nAs suggestions [1], follow the change of SCAN TX to consider this case of\noffchannel TX as well.\n\n[1] https://lore.kernel.org/linux-wireless/6ab2dc9c3afe753ca6fdcdd1421e7a1f47e87b84.camel@sipsolutions.net/T/#m2ac2a6d2be06a37c9c47a3d8a44b4f647ed4f024", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47738", url: "https://www.suse.com/security/cve/CVE-2024-47738", }, { category: "external", summary: "SUSE Bug 1232114 for CVE-2024-47738", url: "https://bugzilla.suse.com/1232114", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47738", }, { cve: "CVE-2024-47739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47739", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: use integer wrap around to prevent deadlock on seq_nr overflow\n\nWhen submitting more than 2^32 padata objects to padata_do_serial, the\ncurrent sorting implementation incorrectly sorts padata objects with\noverflowed seq_nr, causing them to be placed before existing objects in\nthe reorder list. This leads to a deadlock in the serialization process\nas padata_find_next cannot match padata->seq_nr and pd->processed\nbecause the padata instance with overflowed seq_nr will be selected\nnext.\n\nTo fix this, we use an unsigned integer wrap around to correctly sort\npadata objects in scenarios with integer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47739", url: "https://www.suse.com/security/cve/CVE-2024-47739", }, { category: "external", summary: "SUSE Bug 1232124 for CVE-2024-47739", url: "https://bugzilla.suse.com/1232124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47739", }, { cve: "CVE-2024-47740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47740", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: Require FMODE_WRITE for atomic write ioctls\n\nThe F2FS ioctls for starting and committing atomic writes check for\ninode_owner_or_capable(), but this does not give LSMs like SELinux or\nLandlock an opportunity to deny the write access - if the caller's FSUID\nmatches the inode's UID, inode_owner_or_capable() immediately returns true.\n\nThere are scenarios where LSMs want to deny a process the ability to write\nparticular files, even files that the FSUID of the process owns; but this\ncan currently partially be bypassed using atomic write ioctls in two ways:\n\n - F2FS_IOC_START_ATOMIC_REPLACE + F2FS_IOC_COMMIT_ATOMIC_WRITE can\n truncate an inode to size 0\n - F2FS_IOC_START_ATOMIC_WRITE + F2FS_IOC_ABORT_ATOMIC_WRITE can revert\n changes another process concurrently made to a file\n\nFix it by requiring FMODE_WRITE for these operations, just like for\nF2FS_IOC_MOVE_RANGE. Since any legitimate caller should only be using these\nioctls when intending to write into the file, that seems unlikely to break\nanything.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47740", url: "https://www.suse.com/security/cve/CVE-2024-47740", }, { category: "external", summary: "SUSE Bug 1231867 for CVE-2024-47740", url: "https://bugzilla.suse.com/1231867", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47740", }, { cve: "CVE-2024-47741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47741", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race setting file private on concurrent lseek using same fd\n\nWhen doing concurrent lseek(2) system calls against the same file\ndescriptor, using multiple threads belonging to the same process, we have\na short time window where a race happens and can result in a memory leak.\n\nThe race happens like this:\n\n1) A program opens a file descriptor for a file and then spawns two\n threads (with the pthreads library for example), lets call them\n task A and task B;\n\n2) Task A calls lseek with SEEK_DATA or SEEK_HOLE and ends up at\n file.c:find_desired_extent() while holding a read lock on the inode;\n\n3) At the start of find_desired_extent(), it extracts the file's\n private_data pointer into a local variable named 'private', which has\n a value of NULL;\n\n4) Task B also calls lseek with SEEK_DATA or SEEK_HOLE, locks the inode\n in shared mode and enters file.c:find_desired_extent(), where it also\n extracts file->private_data into its local variable 'private', which\n has a NULL value;\n\n5) Because it saw a NULL file private, task A allocates a private\n structure and assigns to the file structure;\n\n6) Task B also saw a NULL file private so it also allocates its own file\n private and then assigns it to the same file structure, since both\n tasks are using the same file descriptor.\n\n At this point we leak the private structure allocated by task A.\n\nBesides the memory leak, there's also the detail that both tasks end up\nusing the same cached state record in the private structure (struct\nbtrfs_file_private::llseek_cached_state), which can result in a\nuse-after-free problem since one task can free it while the other is\nstill using it (only one task took a reference count on it). Also, sharing\nthe cached state is not a good idea since it could result in incorrect\nresults in the future - right now it should not be a problem because it\nend ups being used only in extent-io-tree.c:count_range_bits() where we do\nrange validation before using the cached state.\n\nFix this by protecting the private assignment and check of a file while\nholding the inode's spinlock and keep track of the task that allocated\nthe private, so that it's used only by that task in order to prevent\nuser-after-free issues with the cached state record as well as potentially\nusing it incorrectly in the future.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47741", url: "https://www.suse.com/security/cve/CVE-2024-47741", }, { category: "external", summary: "SUSE Bug 1231869 for CVE-2024-47741", url: "https://bugzilla.suse.com/1231869", }, { category: "external", summary: "SUSE Bug 1231870 for CVE-2024-47741", url: "https://bugzilla.suse.com/1231870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47741", }, { cve: "CVE-2024-47742", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47742", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware_loader: Block path traversal\n\nMost firmware names are hardcoded strings, or are constructed from fairly\nconstrained format strings where the dynamic parts are just some hex\nnumbers or such.\n\nHowever, there are a couple codepaths in the kernel where firmware file\nnames contain string components that are passed through from a device or\nsemi-privileged userspace; the ones I could find (not counting interfaces\nthat require root privileges) are:\n\n - lpfc_sli4_request_firmware_update() seems to construct the firmware\n filename from \"ModelName\", a string that was previously parsed out of\n some descriptor (\"Vital Product Data\") in lpfc_fill_vpd()\n - nfp_net_fw_find() seems to construct a firmware filename from a model\n name coming from nfp_hwinfo_lookup(pf->hwinfo, \"nffw.partno\"), which I\n think parses some descriptor that was read from the device.\n (But this case likely isn't exploitable because the format string looks\n like \"netronome/nic_%s\", and there shouldn't be any *folders* starting\n with \"netronome/nic_\". The previous case was different because there,\n the \"%s\" is *at the start* of the format string.)\n - module_flash_fw_schedule() is reachable from the\n ETHTOOL_MSG_MODULE_FW_FLASH_ACT netlink command, which is marked as\n GENL_UNS_ADMIN_PERM (meaning CAP_NET_ADMIN inside a user namespace is\n enough to pass the privilege check), and takes a userspace-provided\n firmware name.\n (But I think to reach this case, you need to have CAP_NET_ADMIN over a\n network namespace that a special kind of ethernet device is mapped into,\n so I think this is not a viable attack path in practice.)\n\nFix it by rejecting any firmware names containing \"..\" path components.\n\nFor what it's worth, I went looking and haven't found any USB device\ndrivers that use the firmware loader dangerously.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47742", url: "https://www.suse.com/security/cve/CVE-2024-47742", }, { category: "external", summary: "SUSE Bug 1232126 for CVE-2024-47742", url: "https://bugzilla.suse.com/1232126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47742", }, { cve: "CVE-2024-47743", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47743", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: prevent NULL pointer dereference in find_asymmetric_key()\n\nIn find_asymmetric_key(), if all NULLs are passed in the id_{0,1,2}\narguments, the kernel will first emit WARN but then have an oops\nbecause id_2 gets dereferenced anyway.\n\nAdd the missing id_2 check and move WARN_ON() to the final else branch\nto avoid duplicate NULL checks.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace static\nanalysis tool.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47743", url: "https://www.suse.com/security/cve/CVE-2024-47743", }, { category: "external", summary: "SUSE Bug 1232129 for CVE-2024-47743", url: "https://bugzilla.suse.com/1232129", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47743", }, { cve: "CVE-2024-47744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47744", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock\n\nUse a dedicated mutex to guard kvm_usage_count to fix a potential deadlock\non x86 due to a chain of locks and SRCU synchronizations. Translating the\nbelow lockdep splat, CPU1 #6 will wait on CPU0 #1, CPU0 #8 will wait on\nCPU2 #3, and CPU2 #7 will wait on CPU1 #4 (if there's a writer, due to the\nfairness of r/w semaphores).\n\n CPU0 CPU1 CPU2\n1 lock(&kvm->slots_lock);\n2 lock(&vcpu->mutex);\n3 lock(&kvm->srcu);\n4 lock(cpu_hotplug_lock);\n5 lock(kvm_lock);\n6 lock(&kvm->slots_lock);\n7 lock(cpu_hotplug_lock);\n8 sync(&kvm->srcu);\n\nNote, there are likely more potential deadlocks in KVM x86, e.g. the same\npattern of taking cpu_hotplug_lock outside of kvm_lock likely exists with\n__kvmclock_cpufreq_notifier():\n\n cpuhp_cpufreq_online()\n |\n -> cpufreq_online()\n |\n -> cpufreq_gov_performance_limits()\n |\n -> __cpufreq_driver_target()\n |\n -> __target_index()\n |\n -> cpufreq_freq_transition_begin()\n |\n -> cpufreq_notify_transition()\n |\n -> ... __kvmclock_cpufreq_notifier()\n\nBut, actually triggering such deadlocks is beyond rare due to the\ncombination of dependencies and timings involved. E.g. the cpufreq\nnotifier is only used on older CPUs without a constant TSC, mucking with\nthe NX hugepage mitigation while VMs are running is very uncommon, and\ndoing so while also onlining/offlining a CPU (necessary to generate\ncontention on cpu_hotplug_lock) would be even more unusual.\n\nThe most robust solution to the general cpu_hotplug_lock issue is likely\nto switch vm_list to be an RCU-protected list, e.g. so that x86's cpufreq\nnotifier doesn't to take kvm_lock. For now, settle for fixing the most\nblatant deadlock, as switching to an RCU-protected list is a much more\ninvolved change, but add a comment in locking.rst to call out that care\nneeds to be taken when walking holding kvm_lock and walking vm_list.\n\n ======================================================\n WARNING: possible circular locking dependency detected\n 6.10.0-smp--c257535a0c9d-pip #330 Tainted: G S O\n ------------------------------------------------------\n tee/35048 is trying to acquire lock:\n ff6a80eced71e0a8 (&kvm->slots_lock){+.+.}-{3:3}, at: set_nx_huge_pages+0x179/0x1e0 [kvm]\n\n but task is already holding lock:\n ffffffffc07abb08 (kvm_lock){+.+.}-{3:3}, at: set_nx_huge_pages+0x14a/0x1e0 [kvm]\n\n which lock already depends on the new lock.\n\n the existing dependency chain (in reverse order) is:\n\n -> #3 (kvm_lock){+.+.}-{3:3}:\n __mutex_lock+0x6a/0xb40\n mutex_lock_nested+0x1f/0x30\n kvm_dev_ioctl+0x4fb/0xe50 [kvm]\n __se_sys_ioctl+0x7b/0xd0\n __x64_sys_ioctl+0x21/0x30\n x64_sys_call+0x15d0/0x2e60\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n -> #2 (cpu_hotplug_lock){++++}-{0:0}:\n cpus_read_lock+0x2e/0xb0\n static_key_slow_inc+0x16/0x30\n kvm_lapic_set_base+0x6a/0x1c0 [kvm]\n kvm_set_apic_base+0x8f/0xe0 [kvm]\n kvm_set_msr_common+0x9ae/0xf80 [kvm]\n vmx_set_msr+0xa54/0xbe0 [kvm_intel]\n __kvm_set_msr+0xb6/0x1a0 [kvm]\n kvm_arch_vcpu_ioctl+0xeca/0x10c0 [kvm]\n kvm_vcpu_ioctl+0x485/0x5b0 [kvm]\n __se_sys_ioctl+0x7b/0xd0\n __x64_sys_ioctl+0x21/0x30\n x64_sys_call+0x15d0/0x2e60\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n -> #1 (&kvm->srcu){.+.+}-{0:0}:\n __synchronize_srcu+0x44/0x1a0\n \n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47744", url: "https://www.suse.com/security/cve/CVE-2024-47744", }, { category: "external", summary: "SUSE Bug 1232132 for CVE-2024-47744", url: "https://bugzilla.suse.com/1232132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47744", }, { cve: "CVE-2024-47745", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47745", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: call the security_mmap_file() LSM hook in remap_file_pages()\n\nThe remap_file_pages syscall handler calls do_mmap() directly, which\ndoesn't contain the LSM security check. And if the process has called\npersonality(READ_IMPLIES_EXEC) before and remap_file_pages() is called for\nRW pages, this will actually result in remapping the pages to RWX,\nbypassing a W^X policy enforced by SELinux.\n\nSo we should check prot by security_mmap_file LSM hook in the\nremap_file_pages syscall handler before do_mmap() is called. Otherwise, it\npotentially permits an attacker to bypass a W^X policy enforced by\nSELinux.\n\nThe bypass is similar to CVE-2016-10044, which bypass the same thing via\nAIO and can be found in [1].\n\nThe PoC:\n\n$ cat > test.c\n\nint main(void) {\n\tsize_t pagesz = sysconf(_SC_PAGE_SIZE);\n\tint mfd = syscall(SYS_memfd_create, \"test\", 0);\n\tconst char *buf = mmap(NULL, 4 * pagesz, PROT_READ | PROT_WRITE,\n\t\tMAP_SHARED, mfd, 0);\n\tunsigned int old = syscall(SYS_personality, 0xffffffff);\n\tsyscall(SYS_personality, READ_IMPLIES_EXEC | old);\n\tsyscall(SYS_remap_file_pages, buf, pagesz, 0, 2, 0);\n\tsyscall(SYS_personality, old);\n\t// show the RWX page exists even if W^X policy is enforced\n\tint fd = open(\"/proc/self/maps\", O_RDONLY);\n\tunsigned char buf2[1024];\n\twhile (1) {\n\t\tint ret = read(fd, buf2, 1024);\n\t\tif (ret <= 0) break;\n\t\twrite(1, buf2, ret);\n\t}\n\tclose(fd);\n}\n\n$ gcc test.c -o test\n$ ./test | grep rwx\n7f1836c34000-7f1836c35000 rwxs 00002000 00:01 2050 /memfd:test (deleted)\n\n[PM: subject line tweaks]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47745", url: "https://www.suse.com/security/cve/CVE-2024-47745", }, { category: "external", summary: "SUSE Bug 1232135 for CVE-2024-47745", url: "https://bugzilla.suse.com/1232135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47745", }, { cve: "CVE-2024-47746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47746", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set\n\nThis may be a typo. The comment has said shared locks are\nnot allowed when this bit is set. If using shared lock, the\nwait in `fuse_file_cached_io_open` may be forever.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47746", url: "https://www.suse.com/security/cve/CVE-2024-47746", }, { category: "external", summary: "SUSE Bug 1232137 for CVE-2024-47746", url: "https://bugzilla.suse.com/1232137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47746", }, { cve: "CVE-2024-47747", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47747", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition\n\nIn the ether3_probe function, a timer is initialized with a callback\nfunction ether3_ledoff, bound to &prev(dev)->timer. Once the timer is\nstarted, there is a risk of a race condition if the module or device\nis removed, triggering the ether3_remove function to perform cleanup.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | ether3_ledoff\nether3_remove |\n free_netdev(dev); |\n put_devic |\n kfree(dev); |\n | ether3_outw(priv(dev)->regs.config2 |= CFG2_CTRLO, REG_CONFIG2);\n | // use dev\n\nFix it by ensuring that the timer is canceled before proceeding with\nthe cleanup in ether3_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47747", url: "https://www.suse.com/security/cve/CVE-2024-47747", }, { category: "external", summary: "SUSE Bug 1232145 for CVE-2024-47747", url: "https://bugzilla.suse.com/1232145", }, { category: "external", summary: "SUSE Bug 1232146 for CVE-2024-47747", url: "https://bugzilla.suse.com/1232146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47747", }, { cve: "CVE-2024-47748", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47748", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost_vdpa: assign irq bypass producer token correctly\n\nWe used to call irq_bypass_unregister_producer() in\nvhost_vdpa_setup_vq_irq() which is problematic as we don't know if the\ntoken pointer is still valid or not.\n\nActually, we use the eventfd_ctx as the token so the life cycle of the\ntoken should be bound to the VHOST_SET_VRING_CALL instead of\nvhost_vdpa_setup_vq_irq() which could be called by set_status().\n\nFixing this by setting up irq bypass producer's token when handling\nVHOST_SET_VRING_CALL and un-registering the producer before calling\nvhost_vring_ioctl() to prevent a possible use after free as eventfd\ncould have been released in vhost_vring_ioctl(). And such registering\nand unregistering will only be done if DRIVER_OK is set.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47748", url: "https://www.suse.com/security/cve/CVE-2024-47748", }, { category: "external", summary: "SUSE Bug 1232174 for CVE-2024-47748", url: "https://bugzilla.suse.com/1232174", }, { category: "external", summary: "SUSE Bug 1232177 for CVE-2024-47748", url: "https://bugzilla.suse.com/1232177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47748", }, { cve: "CVE-2024-47749", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47749", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cxgb4: Added NULL check for lookup_atid\n\nThe lookup_atid() function can return NULL if the ATID is\ninvalid or does not exist in the identifier table, which\ncould lead to dereferencing a null pointer without a\ncheck in the `act_establish()` and `act_open_rpl()` functions.\nAdd a NULL check to prevent null pointer dereferencing.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47749", url: "https://www.suse.com/security/cve/CVE-2024-47749", }, { category: "external", summary: "SUSE Bug 1232180 for CVE-2024-47749", url: "https://bugzilla.suse.com/1232180", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47749", }, { cve: "CVE-2024-47750", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47750", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix Use-After-Free of rsv_qp on HIP08\n\nCurrently rsv_qp is freed before ib_unregister_device() is called\non HIP08. During the time interval, users can still dereg MR and\nrsv_qp will be used in this process, leading to a UAF. Move the\nrelease of rsv_qp after calling ib_unregister_device() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47750", url: "https://www.suse.com/security/cve/CVE-2024-47750", }, { category: "external", summary: "SUSE Bug 1232182 for CVE-2024-47750", url: "https://bugzilla.suse.com/1232182", }, { category: "external", summary: "SUSE Bug 1232829 for CVE-2024-47750", url: "https://bugzilla.suse.com/1232829", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47750", }, { cve: "CVE-2024-47751", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47751", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()\n\nWithin kirin_pcie_parse_port(), the pcie->num_slots is compared to\npcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead\nto an overflow.\n\nThus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move\npcie->num_slots increment below the if-statement to avoid out-of-bounds\narray access.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[kwilczynski: commit log]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47751", url: "https://www.suse.com/security/cve/CVE-2024-47751", }, { category: "external", summary: "SUSE Bug 1232127 for CVE-2024-47751", url: "https://bugzilla.suse.com/1232127", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47751", }, { cve: "CVE-2024-47752", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47752", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix H264 stateless decoder smatch warning\n\nFix a smatch static checker warning on vdec_h264_req_if.c.\nWhich leads to a kernel crash when fb is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47752", url: "https://www.suse.com/security/cve/CVE-2024-47752", }, { category: "external", summary: "SUSE Bug 1232130 for CVE-2024-47752", url: "https://bugzilla.suse.com/1232130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47752", }, { cve: "CVE-2024-47753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47753", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix VP8 stateless decoder smatch warning\n\nFix a smatch static checker warning on vdec_vp8_req_if.c.\nWhich leads to a kernel crash when fb is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47753", url: "https://www.suse.com/security/cve/CVE-2024-47753", }, { category: "external", summary: "SUSE Bug 1231868 for CVE-2024-47753", url: "https://bugzilla.suse.com/1231868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47753", }, { cve: "CVE-2024-47754", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47754", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning\n\nFix a smatch static checker warning on vdec_h264_req_multi_if.c.\nWhich leads to a kernel crash when fb is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47754", url: "https://www.suse.com/security/cve/CVE-2024-47754", }, { category: "external", summary: "SUSE Bug 1232131 for CVE-2024-47754", url: "https://bugzilla.suse.com/1232131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47754", }, { cve: "CVE-2024-47756", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47756", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: keystone: Fix if-statement expression in ks_pcie_quirk()\n\nThis code accidentally uses && where || was intended. It potentially\nresults in a NULL dereference.\n\nThus, fix the if-statement expression to use the correct condition.\n\n[kwilczynski: commit log]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47756", url: "https://www.suse.com/security/cve/CVE-2024-47756", }, { category: "external", summary: "SUSE Bug 1232185 for CVE-2024-47756", url: "https://bugzilla.suse.com/1232185", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47756", }, { cve: "CVE-2024-47757", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47757", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential oob read in nilfs_btree_check_delete()\n\nThe function nilfs_btree_check_delete(), which checks whether degeneration\nto direct mapping occurs before deleting a b-tree entry, causes memory\naccess outside the block buffer when retrieving the maximum key if the\nroot node has no entries.\n\nThis does not usually happen because b-tree mappings with 0 child nodes\nare never created by mkfs.nilfs2 or nilfs2 itself. However, it can happen\nif the b-tree root node read from a device is configured that way, so fix\nthis potential issue by adding a check for that case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47757", url: "https://www.suse.com/security/cve/CVE-2024-47757", }, { category: "external", summary: "SUSE Bug 1232187 for CVE-2024-47757", url: "https://bugzilla.suse.com/1232187", }, { category: "external", summary: "SUSE Bug 1232188 for CVE-2024-47757", url: "https://bugzilla.suse.com/1232188", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-47757", }, { cve: "CVE-2024-49850", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49850", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos\n\nIn case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCAL\nreferencing a non-existing BTF type, function bpf_core_calc_relo_insn\nwould cause a null pointer deference.\n\nFix this by adding a proper check upper in call stack, as malformed\nrelocation records could be passed from user space.\n\nSimplest reproducer is a program:\n\n r0 = 0\n exit\n\nWith a single relocation record:\n\n .insn_off = 0, /* patch first instruction */\n .type_id = 100500, /* this type id does not exist */\n .access_str_off = 6, /* offset of string \"0\" */\n .kind = BPF_CORE_TYPE_ID_LOCAL,\n\nSee the link for original reproducer or next commit for a test case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49850", url: "https://www.suse.com/security/cve/CVE-2024-49850", }, { category: "external", summary: "SUSE Bug 1232189 for CVE-2024-49850", url: "https://bugzilla.suse.com/1232189", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49850", }, { cve: "CVE-2024-49851", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49851", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Clean up TPM space after command failure\n\ntpm_dev_transmit prepares the TPM space before attempting command\ntransmission. However if the command fails no rollback of this\npreparation is done. This can result in transient handles being leaked\nif the device is subsequently closed with no further commands performed.\n\nFix this by flushing the space in the event of command transmission\nfailure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49851", url: "https://www.suse.com/security/cve/CVE-2024-49851", }, { category: "external", summary: "SUSE Bug 1232134 for CVE-2024-49851", url: "https://bugzilla.suse.com/1232134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49851", }, { cve: "CVE-2024-49852", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49852", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()\n\nThe kref_put() function will call nport->release if the refcount drops to\nzero. The nport->release release function is _efc_nport_free() which frees\n\"nport\". But then we dereference \"nport\" on the next line which is a use\nafter free. Re-order these lines to avoid the use after free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49852", url: "https://www.suse.com/security/cve/CVE-2024-49852", }, { category: "external", summary: "SUSE Bug 1232819 for CVE-2024-49852", url: "https://bugzilla.suse.com/1232819", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49852", }, { cve: "CVE-2024-49853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49853", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix double free in OPTEE transport\n\nChannels can be shared between protocols, avoid freeing the same channel\ndescriptors twice when unloading the stack.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49853", url: "https://www.suse.com/security/cve/CVE-2024-49853", }, { category: "external", summary: "SUSE Bug 1232192 for CVE-2024-49853", url: "https://bugzilla.suse.com/1232192", }, { category: "external", summary: "SUSE Bug 1232828 for CVE-2024-49853", url: "https://bugzilla.suse.com/1232828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49853", }, { cve: "CVE-2024-49854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49854", }, ], notes: [ { category: "general", text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49854", url: "https://www.suse.com/security/cve/CVE-2024-49854", }, { category: "external", summary: "SUSE Bug 1232193 for CVE-2024-49854", url: "https://bugzilla.suse.com/1232193", }, { category: "external", summary: "SUSE Bug 1236571 for CVE-2024-49854", url: "https://bugzilla.suse.com/1236571", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49854", }, { cve: "CVE-2024-49855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49855", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix race between timeout and normal completion\n\nIf request timetout is handled by nbd_requeue_cmd(), normal completion\nhas to be stopped for avoiding to complete this requeued request, other\nuse-after-free can be triggered.\n\nFix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime\nmake sure that cmd->lock is grabbed for clearing the flag and the\nrequeue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49855", url: "https://www.suse.com/security/cve/CVE-2024-49855", }, { category: "external", summary: "SUSE Bug 1232195 for CVE-2024-49855", url: "https://bugzilla.suse.com/1232195", }, { category: "external", summary: "SUSE Bug 1232900 for CVE-2024-49855", url: "https://bugzilla.suse.com/1232900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49855", }, { cve: "CVE-2024-49856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49856", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sgx: Fix deadlock in SGX NUMA node search\n\nWhen the current node doesn't have an EPC section configured by firmware\nand all other EPC sections are used up, CPU can get stuck inside the\nwhile loop that looks for an available EPC page from remote nodes\nindefinitely, leading to a soft lockup. Note how nid_of_current will\nnever be equal to nid in that while loop because nid_of_current is not\nset in sgx_numa_mask.\n\nAlso worth mentioning is that it's perfectly fine for the firmware not\nto setup an EPC section on a node. While setting up an EPC section on\neach node can enhance performance, it is not a requirement for\nfunctionality.\n\nRework the loop to start and end on *a* node that has SGX memory. This\navoids the deadlock looking for the current SGX-lacking node to show up\nin the loop when it never will.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49856", url: "https://www.suse.com/security/cve/CVE-2024-49856", }, { category: "external", summary: "SUSE Bug 1232202 for CVE-2024-49856", url: "https://bugzilla.suse.com/1232202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49856", }, { cve: "CVE-2024-49857", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49857", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: set the cipher for secured NDP ranging\n\nThe cipher pointer is not set, but is derefereced trying to set its\ncontent, which leads to a NULL pointer dereference.\nFix it by pointing to the cipher parameter before dereferencing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49857", url: "https://www.suse.com/security/cve/CVE-2024-49857", }, { category: "external", summary: "SUSE Bug 1232203 for CVE-2024-49857", url: "https://bugzilla.suse.com/1232203", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49857", }, { cve: "CVE-2024-49858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49858", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nefistub/tpm: Use ACPI reclaim memory for event log to avoid corruption\n\nThe TPM event log table is a Linux specific construct, where the data\nproduced by the GetEventLog() boot service is cached in memory, and\npassed on to the OS using an EFI configuration table.\n\nThe use of EFI_LOADER_DATA here results in the region being left\nunreserved in the E820 memory map constructed by the EFI stub, and this\nis the memory description that is passed on to the incoming kernel by\nkexec, which is therefore unaware that the region should be reserved.\n\nEven though the utility of the TPM2 event log after a kexec is\nquestionable, any corruption might send the parsing code off into the\nweeds and crash the kernel. So let's use EFI_ACPI_RECLAIM_MEMORY\ninstead, which is always treated as reserved by the E820 conversion\nlogic.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49858", url: "https://www.suse.com/security/cve/CVE-2024-49858", }, { category: "external", summary: "SUSE Bug 1232251 for CVE-2024-49858", url: "https://bugzilla.suse.com/1232251", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49858", }, { cve: "CVE-2024-49859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49859", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to check atomic_file in f2fs ioctl interfaces\n\nSome f2fs ioctl interfaces like f2fs_ioc_set_pin_file(),\nf2fs_move_file_range(), and f2fs_defragment_range() missed to\ncheck atomic_write status, which may cause potential race issue,\nfix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49859", url: "https://www.suse.com/security/cve/CVE-2024-49859", }, { category: "external", summary: "SUSE Bug 1232252 for CVE-2024-49859", url: "https://bugzilla.suse.com/1232252", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49859", }, { cve: "CVE-2024-49860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49860", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: sysfs: validate return type of _STR method\n\nOnly buffer objects are valid return values of _STR.\n\nIf something else is returned description_show() will access invalid\nmemory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49860", url: "https://www.suse.com/security/cve/CVE-2024-49860", }, { category: "external", summary: "SUSE Bug 1231861 for CVE-2024-49860", url: "https://bugzilla.suse.com/1231861", }, { category: "external", summary: "SUSE Bug 1231862 for CVE-2024-49860", url: "https://bugzilla.suse.com/1231862", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49860", }, { cve: "CVE-2024-49861", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49861", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix helper writes to read-only maps\n\nLonial found an issue that despite user- and BPF-side frozen BPF map\n(like in case of .rodata), it was still possible to write into it from\na BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT}\nas arguments.\n\nIn check_func_arg() when the argument is as mentioned, the meta->raw_mode\nis never set. Later, check_helper_mem_access(), under the case of\nPTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the\nsubsequent call to check_map_access_type() and given the BPF map is\nread-only it succeeds.\n\nThe helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT\nwhen results are written into them as opposed to read out of them. The\nlatter indicates that it's okay to pass a pointer to uninitialized memory\nas the memory is written to anyway.\n\nHowever, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM\njust with additional alignment requirement. So it is better to just get\nrid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the\nfixed size memory types. For this, add MEM_ALIGNED to additionally ensure\nalignment given these helpers write directly into the args via *<ptr> = val.\nThe .arg*_size has been initialized reflecting the actual sizeof(*<ptr>).\n\nMEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated\nargument types, since in !MEM_FIXED_SIZE cases the verifier does not know\nthe buffer size a priori and therefore cannot blindly write *<ptr> = val.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49861", url: "https://www.suse.com/security/cve/CVE-2024-49861", }, { category: "external", summary: "SUSE Bug 1232254 for CVE-2024-49861", url: "https://bugzilla.suse.com/1232254", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49861", }, { cve: "CVE-2024-49862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49862", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: intel_rapl: Fix off by one in get_rpi()\n\nThe rp->priv->rpi array is either rpi_msr or rpi_tpmi which have\nNR_RAPL_PRIMITIVES number of elements. Thus the > needs to be >=\nto prevent an off by one access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49862", url: "https://www.suse.com/security/cve/CVE-2024-49862", }, { category: "external", summary: "SUSE Bug 1231871 for CVE-2024-49862", url: "https://bugzilla.suse.com/1231871", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49862", }, { cve: "CVE-2024-49863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49863", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost/scsi: null-ptr-dereference in vhost_scsi_get_req()\n\nSince commit 3f8ca2e115e5 (\"vhost/scsi: Extract common handling code\nfrom control queue handler\") a null pointer dereference bug can be\ntriggered when guest sends an SCSI AN request.\n\nIn vhost_scsi_ctl_handle_vq(), `vc.target` is assigned with\n`&v_req.tmf.lun[1]` within a switch-case block and is then passed to\nvhost_scsi_get_req() which extracts `vc->req` and `tpg`. However, for\na `VIRTIO_SCSI_T_AN_*` request, tpg is not required, so `vc.target` is\nset to NULL in this branch. Later, in vhost_scsi_get_req(),\n`vc->target` is dereferenced without being checked, leading to a null\npointer dereference bug. This bug can be triggered from guest.\n\nWhen this bug occurs, the vhost_worker process is killed while holding\n`vq->mutex` and the corresponding tpg will remain occupied\nindefinitely.\n\nBelow is the KASAN report:\nOops: general protection fault, probably for non-canonical address\n0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 1 PID: 840 Comm: poc Not tainted 6.10.0+ #1\nHardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS\n1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:vhost_scsi_get_req+0x165/0x3a0\nCode: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 02 00 00\n48 b8 00 00 00 00 00 fc ff df 4d 8b 65 30 4c 89 e2 48 c1 ea 03 <0f> b6\n04 02 4c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 be 01 00 00\nRSP: 0018:ffff888017affb50 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffff88801b000000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888017affcb8\nRBP: ffff888017affb80 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888017affc88 R14: ffff888017affd1c R15: ffff888017993000\nFS: 000055556e076500(0000) GS:ffff88806b100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200027c0 CR3: 0000000010ed0004 CR4: 0000000000370ef0\nCall Trace:\n <TASK>\n ? show_regs+0x86/0xa0\n ? die_addr+0x4b/0xd0\n ? exc_general_protection+0x163/0x260\n ? asm_exc_general_protection+0x27/0x30\n ? vhost_scsi_get_req+0x165/0x3a0\n vhost_scsi_ctl_handle_vq+0x2a4/0xca0\n ? __pfx_vhost_scsi_ctl_handle_vq+0x10/0x10\n ? __switch_to+0x721/0xeb0\n ? __schedule+0xda5/0x5710\n ? __kasan_check_write+0x14/0x30\n ? _raw_spin_lock+0x82/0xf0\n vhost_scsi_ctl_handle_kick+0x52/0x90\n vhost_run_work_list+0x134/0x1b0\n vhost_task_fn+0x121/0x350\n...\n </TASK>\n---[ end trace 0000000000000000 ]---\n\nLet's add a check in vhost_scsi_get_req.\n\n[whitespace fixes]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49863", url: "https://www.suse.com/security/cve/CVE-2024-49863", }, { category: "external", summary: "SUSE Bug 1232255 for CVE-2024-49863", url: "https://bugzilla.suse.com/1232255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49863", }, { cve: "CVE-2024-49864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49864", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix a race between socket set up and I/O thread creation\n\nIn rxrpc_open_socket(), it sets up the socket and then sets up the I/O\nthread that will handle it. This is a problem, however, as there's a gap\nbetween the two phases in which a packet may come into rxrpc_encap_rcv()\nfrom the UDP packet but we oops when trying to wake the not-yet created I/O\nthread.\n\nAs a quick fix, just make rxrpc_encap_rcv() discard the packet if there's\nno I/O thread yet.\n\nA better, but more intrusive fix would perhaps be to rearrange things such\nthat the socket creation is done by the I/O thread.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49864", url: "https://www.suse.com/security/cve/CVE-2024-49864", }, { category: "external", summary: "SUSE Bug 1232256 for CVE-2024-49864", url: "https://bugzilla.suse.com/1232256", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49864", }, { cve: "CVE-2024-49865", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49865", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vm: move xa_alloc to prevent UAF\n\nEvil user can guess the next id of the vm before the ioctl completes and\nthen call vm destroy ioctl to trigger UAF since create ioctl is still\nreferencing the same vm. Move the xa_alloc all the way to the end to\nprevent this.\n\nv2:\n - Rebase\n\n(cherry picked from commit dcfd3971327f3ee92765154baebbaece833d3ca9)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49865", url: "https://www.suse.com/security/cve/CVE-2024-49865", }, { category: "external", summary: "SUSE Bug 1232257 for CVE-2024-49865", url: "https://bugzilla.suse.com/1232257", }, { category: "external", summary: "SUSE Bug 1232901 for CVE-2024-49865", url: "https://bugzilla.suse.com/1232901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49865", }, { cve: "CVE-2024-49866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49866", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/timerlat: Fix a race during cpuhp processing\n\nThere is another found exception that the \"timerlat/1\" thread was\nscheduled on CPU0, and lead to timer corruption finally:\n\n```\nODEBUG: init active (active state 0) object: ffff888237c2e108 object type: hrtimer hint: timerlat_irq+0x0/0x220\nWARNING: CPU: 0 PID: 426 at lib/debugobjects.c:518 debug_print_object+0x7d/0xb0\nModules linked in:\nCPU: 0 UID: 0 PID: 426 Comm: timerlat/1 Not tainted 6.11.0-rc7+ #45\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:debug_print_object+0x7d/0xb0\n...\nCall Trace:\n <TASK>\n ? __warn+0x7c/0x110\n ? debug_print_object+0x7d/0xb0\n ? report_bug+0xf1/0x1d0\n ? prb_read_valid+0x17/0x20\n ? handle_bug+0x3f/0x70\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? debug_print_object+0x7d/0xb0\n ? debug_print_object+0x7d/0xb0\n ? __pfx_timerlat_irq+0x10/0x10\n __debug_object_init+0x110/0x150\n hrtimer_init+0x1d/0x60\n timerlat_main+0xab/0x2d0\n ? __pfx_timerlat_main+0x10/0x10\n kthread+0xb7/0xe0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x40\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n </TASK>\n```\n\nAfter tracing the scheduling event, it was discovered that the migration\nof the \"timerlat/1\" thread was performed during thread creation. Further\nanalysis confirmed that it is because the CPU online processing for\nosnoise is implemented through workers, which is asynchronous with the\noffline processing. When the worker was scheduled to create a thread, the\nCPU may has already been removed from the cpu_online_mask during the offline\nprocess, resulting in the inability to select the right CPU:\n\nT1 | T2\n[CPUHP_ONLINE] | cpu_device_down()\nosnoise_hotplug_workfn() |\n | cpus_write_lock()\n | takedown_cpu(1)\n | cpus_write_unlock()\n[CPUHP_OFFLINE] |\n cpus_read_lock() |\n start_kthread(1) |\n cpus_read_unlock() |\n\nTo fix this, skip online processing if the CPU is already offline.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49866", url: "https://www.suse.com/security/cve/CVE-2024-49866", }, { category: "external", summary: "SUSE Bug 1232259 for CVE-2024-49866", url: "https://bugzilla.suse.com/1232259", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49866", }, { cve: "CVE-2024-49867", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49867", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: wait for fixup workers before stopping cleaner kthread during umount\n\nDuring unmount, at close_ctree(), we have the following steps in this order:\n\n1) Park the cleaner kthread - this doesn't destroy the kthread, it basically\n halts its execution (wake ups against it work but do nothing);\n\n2) We stop the cleaner kthread - this results in freeing the respective\n struct task_struct;\n\n3) We call btrfs_stop_all_workers() which waits for any jobs running in all\n the work queues and then free the work queues.\n\nSyzbot reported a case where a fixup worker resulted in a crash when doing\na delayed iput on its inode while attempting to wake up the cleaner at\nbtrfs_add_delayed_iput(), because the task_struct of the cleaner kthread\nwas already freed. This can happen during unmount because we don't wait\nfor any fixup workers still running before we call kthread_stop() against\nthe cleaner kthread, which stops and free all its resources.\n\nFix this by waiting for any fixup workers at close_ctree() before we call\nkthread_stop() against the cleaner and run pending delayed iputs.\n\nThe stack traces reported by syzbot were the following:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065\n Read of size 8 at addr ffff8880272a8a18 by task kworker/u8:3/52\n\n CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.12.0-rc1-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n Workqueue: btrfs-fixup btrfs_work_helper\n Call Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162\n class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]\n try_to_wake_up+0xb0/0x1480 kernel/sched/core.c:4154\n btrfs_writepage_fixup_worker+0xc16/0xdf0 fs/btrfs/inode.c:2842\n btrfs_work_helper+0x390/0xc50 fs/btrfs/async-thread.c:314\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>\n\n Allocated by task 2:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:319 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345\n kasan_slab_alloc include/linux/kasan.h:247 [inline]\n slab_post_alloc_hook mm/slub.c:4086 [inline]\n slab_alloc_node mm/slub.c:4135 [inline]\n kmem_cache_alloc_node_noprof+0x16b/0x320 mm/slub.c:4187\n alloc_task_struct_node kernel/fork.c:180 [inline]\n dup_task_struct+0x57/0x8c0 kernel/fork.c:1107\n copy_process+0x5d1/0x3d50 kernel/fork.c:2206\n kernel_clone+0x223/0x880 kernel/fork.c:2787\n kernel_thread+0x1bc/0x240 kernel/fork.c:2849\n create_kthread kernel/kthread.c:412 [inline]\n kthreadd+0x60d/0x810 kernel/kthread.c:765\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\n Freed by task 61:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:230 [inline]\n slab_free_h\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49867", url: "https://www.suse.com/security/cve/CVE-2024-49867", }, { category: "external", summary: "SUSE Bug 1232262 for CVE-2024-49867", url: "https://bugzilla.suse.com/1232262", }, { category: "external", summary: "SUSE Bug 1232271 for CVE-2024-49867", url: "https://bugzilla.suse.com/1232271", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49867", }, { cve: "CVE-2024-49868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49868", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a NULL pointer dereference when failed to start a new trasacntion\n\n[BUG]\nSyzbot reported a NULL pointer dereference with the following crash:\n\n FAULT_INJECTION: forcing a failure.\n start_transaction+0x830/0x1670 fs/btrfs/transaction.c:676\n prepare_to_relocate+0x31f/0x4c0 fs/btrfs/relocation.c:3642\n relocate_block_group+0x169/0xd20 fs/btrfs/relocation.c:3678\n ...\n BTRFS info (device loop0): balance: ended with status: -12\n Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cc: 0000 [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000660-0x0000000000000667]\n RIP: 0010:btrfs_update_reloc_root+0x362/0xa80 fs/btrfs/relocation.c:926\n Call Trace:\n <TASK>\n commit_fs_roots+0x2ee/0x720 fs/btrfs/transaction.c:1496\n btrfs_commit_transaction+0xfaf/0x3740 fs/btrfs/transaction.c:2430\n del_balance_item fs/btrfs/volumes.c:3678 [inline]\n reset_balance_state+0x25e/0x3c0 fs/btrfs/volumes.c:3742\n btrfs_balance+0xead/0x10c0 fs/btrfs/volumes.c:4574\n btrfs_ioctl_balance+0x493/0x7c0 fs/btrfs/ioctl.c:3673\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[CAUSE]\nThe allocation failure happens at the start_transaction() inside\nprepare_to_relocate(), and during the error handling we call\nunset_reloc_control(), which makes fs_info->balance_ctl to be NULL.\n\nThen we continue the error path cleanup in btrfs_balance() by calling\nreset_balance_state() which will call del_balance_item() to fully delete\nthe balance item in the root tree.\n\nHowever during the small window between set_reloc_contrl() and\nunset_reloc_control(), we can have a subvolume tree update and created a\nreloc_root for that subvolume.\n\nThen we go into the final btrfs_commit_transaction() of\ndel_balance_item(), and into btrfs_update_reloc_root() inside\ncommit_fs_roots().\n\nThat function checks if fs_info->reloc_ctl is in the merge_reloc_tree\nstage, but since fs_info->reloc_ctl is NULL, it results a NULL pointer\ndereference.\n\n[FIX]\nJust add extra check on fs_info->reloc_ctl inside\nbtrfs_update_reloc_root(), before checking\nfs_info->reloc_ctl->merge_reloc_tree.\n\nThat DEAD_RELOC_TREE handling is to prevent further modification to the\nreloc tree during merge stage, but since there is no reloc_ctl at all,\nwe do not need to bother that.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49868", url: "https://www.suse.com/security/cve/CVE-2024-49868", }, { category: "external", summary: "SUSE Bug 1232272 for CVE-2024-49868", url: "https://bugzilla.suse.com/1232272", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49868", }, { cve: "CVE-2024-49869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49869", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: send: fix buffer overflow detection when copying path to cache entry\n\nStarting with commit c0247d289e73 (\"btrfs: send: annotate struct\nname_cache_entry with __counted_by()\") we annotated the variable length\narray \"name\" from the name_cache_entry structure with __counted_by() to\nimprove overflow detection. However that alone was not correct, because\nthe length of that array does not match the \"name_len\" field - it matches\nthat plus 1 to include the NUL string terminator, so that makes a\nfortified kernel think there's an overflow and report a splat like this:\n\n strcpy: detected buffer overflow: 20 byte write of buffer size 19\n WARNING: CPU: 3 PID: 3310 at __fortify_report+0x45/0x50\n CPU: 3 UID: 0 PID: 3310 Comm: btrfs Not tainted 6.11.0-prnet #1\n Hardware name: CompuLab Ltd. sbc-ihsw/Intense-PC2 (IPC2), BIOS IPC2_3.330.7 X64 03/15/2018\n RIP: 0010:__fortify_report+0x45/0x50\n Code: 48 8b 34 (...)\n RSP: 0018:ffff97ebc0d6f650 EFLAGS: 00010246\n RAX: 7749924ef60fa600 RBX: ffff8bf5446a521a RCX: 0000000000000027\n RDX: 00000000ffffdfff RSI: ffff97ebc0d6f548 RDI: ffff8bf84e7a1cc8\n RBP: ffff8bf548574080 R08: ffffffffa8c40e10 R09: 0000000000005ffd\n R10: 0000000000000004 R11: ffffffffa8c70e10 R12: ffff8bf551eef400\n R13: 0000000000000000 R14: 0000000000000013 R15: 00000000000003a8\n FS: 00007fae144de8c0(0000) GS:ffff8bf84e780000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fae14691690 CR3: 00000001027a2003 CR4: 00000000001706f0\n Call Trace:\n <TASK>\n ? __warn+0x12a/0x1d0\n ? __fortify_report+0x45/0x50\n ? report_bug+0x154/0x1c0\n ? handle_bug+0x42/0x70\n ? exc_invalid_op+0x1a/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? __fortify_report+0x45/0x50\n __fortify_panic+0x9/0x10\n __get_cur_name_and_parent+0x3bc/0x3c0\n get_cur_path+0x207/0x3b0\n send_extent_data+0x709/0x10d0\n ? find_parent_nodes+0x22df/0x25d0\n ? mas_nomem+0x13/0x90\n ? mtree_insert_range+0xa5/0x110\n ? btrfs_lru_cache_store+0x5f/0x1e0\n ? iterate_extent_inodes+0x52d/0x5a0\n process_extent+0xa96/0x11a0\n ? __pfx_lookup_backref_cache+0x10/0x10\n ? __pfx_store_backref_cache+0x10/0x10\n ? __pfx_iterate_backrefs+0x10/0x10\n ? __pfx_check_extent_item+0x10/0x10\n changed_cb+0x6fa/0x930\n ? tree_advance+0x362/0x390\n ? memcmp_extent_buffer+0xd7/0x160\n send_subvol+0xf0a/0x1520\n btrfs_ioctl_send+0x106b/0x11d0\n ? __pfx___clone_root_cmp_sort+0x10/0x10\n _btrfs_ioctl_send+0x1ac/0x240\n btrfs_ioctl+0x75b/0x850\n __se_sys_ioctl+0xca/0x150\n do_syscall_64+0x85/0x160\n ? __count_memcg_events+0x69/0x100\n ? handle_mm_fault+0x1327/0x15c0\n ? __se_sys_rt_sigprocmask+0xf1/0x180\n ? syscall_exit_to_user_mode+0x75/0xa0\n ? do_syscall_64+0x91/0x160\n ? do_user_addr_fault+0x21d/0x630\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7fae145eeb4f\n Code: 00 48 89 (...)\n RSP: 002b:00007ffdf1cb09b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fae145eeb4f\n RDX: 00007ffdf1cb0ad0 RSI: 0000000040489426 RDI: 0000000000000004\n RBP: 00000000000078fe R08: 00007fae144006c0 R09: 00007ffdf1cb0927\n R10: 0000000000000008 R11: 0000000000000246 R12: 00007ffdf1cb1ce8\n R13: 0000000000000003 R14: 000055c499fab2e0 R15: 0000000000000004\n </TASK>\n\nFix this by not storing the NUL string terminator since we don't actually\nneed it for name cache entries, this way \"name_len\" corresponds to the\nactual size of the \"name\" array. This requires marking the \"name\" array\nfield with __nonstring and using memcpy() instead of strcpy() as\nrecommended by the guidelines at:\n\n https://github.com/KSPP/linux/issues/90", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49869", url: "https://www.suse.com/security/cve/CVE-2024-49869", }, { category: "external", summary: "SUSE Bug 1232278 for CVE-2024-49869", url: "https://bugzilla.suse.com/1232278", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49869", }, { cve: "CVE-2024-49870", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49870", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix dentry leak in cachefiles_open_file()\n\nA dentry leak may be caused when a lookup cookie and a cull are concurrent:\n\n P1 | P2\n-----------------------------------------------------------\ncachefiles_lookup_cookie\n cachefiles_look_up_object\n lookup_one_positive_unlocked\n // get dentry\n cachefiles_cull\n inode->i_flags |= S_KERNEL_FILE;\n cachefiles_open_file\n cachefiles_mark_inode_in_use\n __cachefiles_mark_inode_in_use\n can_use = false\n if (!(inode->i_flags & S_KERNEL_FILE))\n can_use = true\n\t return false\n return false\n // Returns an error but doesn't put dentry\n\nAfter that the following WARNING will be triggered when the backend folder\nis umounted:\n\n==================================================================\nBUG: Dentry 000000008ad87947{i=7a,n=Dx_1_1.img} still in use (1) [unmount of ext4 sda]\nWARNING: CPU: 4 PID: 359261 at fs/dcache.c:1767 umount_check+0x5d/0x70\nCPU: 4 PID: 359261 Comm: umount Not tainted 6.6.0-dirty #25\nRIP: 0010:umount_check+0x5d/0x70\nCall Trace:\n <TASK>\n d_walk+0xda/0x2b0\n do_one_tree+0x20/0x40\n shrink_dcache_for_umount+0x2c/0x90\n generic_shutdown_super+0x20/0x160\n kill_block_super+0x1a/0x40\n ext4_kill_sb+0x22/0x40\n deactivate_locked_super+0x35/0x80\n cleanup_mnt+0x104/0x160\n==================================================================\n\nWhether cachefiles_open_file() returns true or false, the reference count\nobtained by lookup_positive_unlocked() in cachefiles_look_up_object()\nshould be released.\n\nTherefore release that reference count in cachefiles_look_up_object() to\nfix the above issue and simplify the code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49870", url: "https://www.suse.com/security/cve/CVE-2024-49870", }, { category: "external", summary: "SUSE Bug 1232279 for CVE-2024-49870", url: "https://bugzilla.suse.com/1232279", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49870", }, { cve: "CVE-2024-49871", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49871", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: adp5589-keys - fix NULL pointer dereference\n\nWe register a devm action to call adp5589_clear_config() and then pass\nthe i2c client as argument so that we can call i2c_get_clientdata() in\norder to get our device object. However, i2c_set_clientdata() is only\nbeing set at the end of the probe function which means that we'll get a\nNULL pointer dereference in case the probe function fails early.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49871", url: "https://www.suse.com/security/cve/CVE-2024-49871", }, { category: "external", summary: "SUSE Bug 1232287 for CVE-2024-49871", url: "https://bugzilla.suse.com/1232287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49871", }, { cve: "CVE-2024-49872", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49872", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/gup: fix memfd_pin_folios alloc race panic\n\nIf memfd_pin_folios tries to create a hugetlb page, but someone else\nalready did, then folio gets the value -EEXIST here:\n\n folio = memfd_alloc_folio(memfd, start_idx);\n if (IS_ERR(folio)) {\n ret = PTR_ERR(folio);\n if (ret != -EEXIST)\n goto err;\n\nthen on the next trip through the \"while start_idx\" loop we panic here:\n\n if (folio) {\n folio_put(folio);\n\nTo fix, set the folio to NULL on error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49872", url: "https://www.suse.com/security/cve/CVE-2024-49872", }, { category: "external", summary: "SUSE Bug 1232288 for CVE-2024-49872", url: "https://bugzilla.suse.com/1232288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49872", }, { cve: "CVE-2024-49873", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49873", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/filemap: fix filemap_get_folios_contig THP panic\n\nPatch series \"memfd-pin huge page fixes\".\n\nFix multiple bugs that occur when using memfd_pin_folios with hugetlb\npages and THP. The hugetlb bugs only bite when the page is not yet\nfaulted in when memfd_pin_folios is called. The THP bug bites when the\nstarting offset passed to memfd_pin_folios is not huge page aligned. See\nthe commit messages for details.\n\n\nThis patch (of 5):\n\nmemfd_pin_folios on memory backed by THP panics if the requested start\noffset is not huge page aligned:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000036\nRIP: 0010:filemap_get_folios_contig+0xdf/0x290\nRSP: 0018:ffffc9002092fbe8 EFLAGS: 00010202\nRAX: 0000000000000002 RBX: 0000000000000002 RCX: 0000000000000002\n\nThe fault occurs here, because xas_load returns a folio with value 2:\n\n filemap_get_folios_contig()\n for (folio = xas_load(&xas); folio && xas.xa_index <= end;\n folio = xas_next(&xas)) {\n ...\n if (!folio_try_get(folio)) <-- BOOM\n\n\"2\" is an xarray sibling entry. We get it because memfd_pin_folios does\nnot round the indices passed to filemap_get_folios_contig to huge page\nboundaries for THP, so we load from the middle of a huge page range see a\nsibling. (It does round for hugetlbfs, at the is_file_hugepages test).\n\nTo fix, if the folio is a sibling, then return the next index as the\nstarting point for the next call to filemap_get_folios_contig.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49873", url: "https://www.suse.com/security/cve/CVE-2024-49873", }, { category: "external", summary: "SUSE Bug 1232291 for CVE-2024-49873", url: "https://bugzilla.suse.com/1232291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49873", }, { cve: "CVE-2024-49874", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49874", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition\n\nIn the svc_i3c_master_probe function, &master->hj_work is bound with\nsvc_i3c_master_hj_work, &master->ibi_work is bound with\nsvc_i3c_master_ibi_work. And svc_i3c_master_ibi_work can start the\nhj_work, svc_i3c_master_irq_handler can start the ibi_work.\n\nIf we remove the module which will call svc_i3c_master_remove to\nmake cleanup, it will free master->base through i3c_master_unregister\nwhile the work mentioned above will be used. The sequence of operations\nthat may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | svc_i3c_master_hj_work\nsvc_i3c_master_remove |\ni3c_master_unregister(&master->base)|\ndevice_unregister(&master->dev) |\ndevice_release |\n//free master->base |\n | i3c_master_do_daa(&master->base)\n | //use master->base\n\nFix it by ensuring that the work is canceled before proceeding with the\ncleanup in svc_i3c_master_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49874", url: "https://www.suse.com/security/cve/CVE-2024-49874", }, { category: "external", summary: "SUSE Bug 1232295 for CVE-2024-49874", url: "https://bugzilla.suse.com/1232295", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49874", }, { cve: "CVE-2024-49875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49875", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: map the EBADMSG to nfserr_io to avoid warning\n\nExt4 will throw -EBADMSG through ext4_readdir when a checksum error\noccurs, resulting in the following WARNING.\n\nFix it by mapping EBADMSG to nfserr_io.\n\nnfsd_buffered_readdir\n iterate_dir // -EBADMSG -74\n ext4_readdir // .iterate_shared\n ext4_dx_readdir\n ext4_htree_fill_tree\n htree_dirblock_to_tree\n ext4_read_dirblock\n __ext4_read_dirblock\n ext4_dirblock_csum_verify\n warn_no_space_for_csum\n __warn_no_space_for_csum\n return ERR_PTR(-EFSBADCRC) // -EBADMSG -74\n nfserrno // WARNING\n\n[ 161.115610] ------------[ cut here ]------------\n[ 161.116465] nfsd: non-standard errno: -74\n[ 161.117315] WARNING: CPU: 1 PID: 780 at fs/nfsd/nfsproc.c:878 nfserrno+0x9d/0xd0\n[ 161.118596] Modules linked in:\n[ 161.119243] CPU: 1 PID: 780 Comm: nfsd Not tainted 5.10.0-00014-g79679361fd5d #138\n[ 161.120684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qe\nmu.org 04/01/2014\n[ 161.123601] RIP: 0010:nfserrno+0x9d/0xd0\n[ 161.124676] Code: 0f 87 da 30 dd 00 83 e3 01 b8 00 00 00 05 75 d7 44 89 ee 48 c7 c7 c0 57 24 98 89 44 24 04 c6\n 05 ce 2b 61 03 01 e8 99 20 d8 00 <0f> 0b 8b 44 24 04 eb b5 4c 89 e6 48 c7 c7 a0 6d a4 99 e8 cc 15 33\n[ 161.127797] RSP: 0018:ffffc90000e2f9c0 EFLAGS: 00010286\n[ 161.128794] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 161.130089] RDX: 1ffff1103ee16f6d RSI: 0000000000000008 RDI: fffff520001c5f2a\n[ 161.131379] RBP: 0000000000000022 R08: 0000000000000001 R09: ffff8881f70c1827\n[ 161.132664] R10: ffffed103ee18304 R11: 0000000000000001 R12: 0000000000000021\n[ 161.133949] R13: 00000000ffffffb6 R14: ffff8881317c0000 R15: ffffc90000e2fbd8\n[ 161.135244] FS: 0000000000000000(0000) GS:ffff8881f7080000(0000) knlGS:0000000000000000\n[ 161.136695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 161.137761] CR2: 00007fcaad70b348 CR3: 0000000144256006 CR4: 0000000000770ee0\n[ 161.139041] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 161.140291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 161.141519] PKRU: 55555554\n[ 161.142076] Call Trace:\n[ 161.142575] ? __warn+0x9b/0x140\n[ 161.143229] ? nfserrno+0x9d/0xd0\n[ 161.143872] ? report_bug+0x125/0x150\n[ 161.144595] ? handle_bug+0x41/0x90\n[ 161.145284] ? exc_invalid_op+0x14/0x70\n[ 161.146009] ? asm_exc_invalid_op+0x12/0x20\n[ 161.146816] ? nfserrno+0x9d/0xd0\n[ 161.147487] nfsd_buffered_readdir+0x28b/0x2b0\n[ 161.148333] ? nfsd4_encode_dirent_fattr+0x380/0x380\n[ 161.149258] ? nfsd_buffered_filldir+0xf0/0xf0\n[ 161.150093] ? wait_for_concurrent_writes+0x170/0x170\n[ 161.151004] ? generic_file_llseek_size+0x48/0x160\n[ 161.151895] nfsd_readdir+0x132/0x190\n[ 161.152606] ? nfsd4_encode_dirent_fattr+0x380/0x380\n[ 161.153516] ? nfsd_unlink+0x380/0x380\n[ 161.154256] ? override_creds+0x45/0x60\n[ 161.155006] nfsd4_encode_readdir+0x21a/0x3d0\n[ 161.155850] ? nfsd4_encode_readlink+0x210/0x210\n[ 161.156731] ? write_bytes_to_xdr_buf+0x97/0xe0\n[ 161.157598] ? __write_bytes_to_xdr_buf+0xd0/0xd0\n[ 161.158494] ? lock_downgrade+0x90/0x90\n[ 161.159232] ? nfs4svc_decode_voidarg+0x10/0x10\n[ 161.160092] nfsd4_encode_operation+0x15a/0x440\n[ 161.160959] nfsd4_proc_compound+0x718/0xe90\n[ 161.161818] nfsd_dispatch+0x18e/0x2c0\n[ 161.162586] svc_process_common+0x786/0xc50\n[ 161.163403] ? nfsd_svc+0x380/0x380\n[ 161.164137] ? svc_printk+0x160/0x160\n[ 161.164846] ? svc_xprt_do_enqueue.part.0+0x365/0x380\n[ 161.165808] ? nfsd_svc+0x380/0x380\n[ 161.166523] ? rcu_is_watching+0x23/0x40\n[ 161.167309] svc_process+0x1a5/0x200\n[ 161.168019] nfsd+0x1f5/0x380\n[ 161.168663] ? nfsd_shutdown_threads+0x260/0x260\n[ 161.169554] kthread+0x1c4/0x210\n[ 161.170224] ? kthread_insert_work_sanity_check+0x80/0x80\n[ 161.171246] ret_from_fork+0x1f/0x30", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49875", url: "https://www.suse.com/security/cve/CVE-2024-49875", }, { category: "external", summary: "SUSE Bug 1232333 for CVE-2024-49875", url: "https://bugzilla.suse.com/1232333", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-49875", }, { cve: "CVE-2024-49876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49876", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: fix UAF around queue destruction\n\nWe currently do stuff like queuing the final destruction step on a\nrandom system wq, which will outlive the driver instance. With bad\ntiming we can teardown the driver with one or more work workqueue still\nbeing alive leading to various UAF splats. Add a fini step to ensure\nuser queues are properly torn down. At this point GuC should already be\nnuked so queue itself should no longer be referenced from hw pov.\n\nv2 (Matt B)\n - Looks much safer to use a waitqueue and then just wait for the\n xa_array to become empty before triggering the drain.\n\n(cherry picked from commit 861108666cc0e999cffeab6aff17b662e68774e3)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49876", url: "https://www.suse.com/security/cve/CVE-2024-49876", }, { category: "external", summary: "SUSE Bug 1232336 for CVE-2024-49876", url: "https://bugzilla.suse.com/1232336", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49876", }, { cve: "CVE-2024-49877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49877", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate\n\nWhen doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger\nNULL pointer dereference in the following ocfs2_set_buffer_uptodate() if\nbh is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49877", url: "https://www.suse.com/security/cve/CVE-2024-49877", }, { category: "external", summary: "SUSE Bug 1232339 for CVE-2024-49877", url: "https://bugzilla.suse.com/1232339", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49877", }, { cve: "CVE-2024-49878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49878", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nresource: fix region_intersects() vs add_memory_driver_managed()\n\nOn a system with CXL memory, the resource tree (/proc/iomem) related to\nCXL memory may look like something as follows.\n\n490000000-50fffffff : CXL Window 0\n 490000000-50fffffff : region0\n 490000000-50fffffff : dax0.0\n 490000000-50fffffff : System RAM (kmem)\n\nBecause drivers/dax/kmem.c calls add_memory_driver_managed() during\nonlining CXL memory, which makes \"System RAM (kmem)\" a descendant of \"CXL\nWindow X\". This confuses region_intersects(), which expects all \"System\nRAM\" resources to be at the top level of iomem_resource. This can lead to\nbugs.\n\nFor example, when the following command line is executed to write some\nmemory in CXL memory range via /dev/mem,\n\n $ dd if=data of=/dev/mem bs=$((1 << 10)) seek=$((0x490000000 >> 10)) count=1\n dd: error writing '/dev/mem': Bad address\n 1+0 records in\n 0+0 records out\n 0 bytes copied, 0.0283507 s, 0.0 kB/s\n\nthe command fails as expected. However, the error code is wrong. It\nshould be \"Operation not permitted\" instead of \"Bad address\". More\nseriously, the /dev/mem permission checking in devmem_is_allowed() passes\nincorrectly. Although the accessing is prevented later because ioremap()\nisn't allowed to map system RAM, it is a potential security issue. During\ncommand executing, the following warning is reported in the kernel log for\ncalling ioremap() on system RAM.\n\n ioremap on RAM at 0x0000000490000000 - 0x0000000490000fff\n WARNING: CPU: 2 PID: 416 at arch/x86/mm/ioremap.c:216 __ioremap_caller.constprop.0+0x131/0x35d\n Call Trace:\n memremap+0xcb/0x184\n xlate_dev_mem_ptr+0x25/0x2f\n write_mem+0x94/0xfb\n vfs_write+0x128/0x26d\n ksys_write+0xac/0xfe\n do_syscall_64+0x9a/0xfd\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nThe details of command execution process are as follows. In the above\nresource tree, \"System RAM\" is a descendant of \"CXL Window 0\" instead of a\ntop level resource. So, region_intersects() will report no System RAM\nresources in the CXL memory region incorrectly, because it only checks the\ntop level resources. Consequently, devmem_is_allowed() will return 1\n(allow access via /dev/mem) for CXL memory region incorrectly. \nFortunately, ioremap() doesn't allow to map System RAM and reject the\naccess.\n\nSo, region_intersects() needs to be fixed to work correctly with the\nresource tree with \"System RAM\" not at top level as above. To fix it, if\nwe found a unmatched resource in the top level, we will continue to search\nmatched resources in its descendant resources. So, we will not miss any\nmatched resources in resource tree anymore.\n\nIn the new implementation, an example resource tree\n\n|------------- \"CXL Window 0\" ------------|\n|-- \"System RAM\" --|\n\nwill behave similar as the following fake resource tree for\nregion_intersects(, IORESOURCE_SYSTEM_RAM, ),\n\n|-- \"System RAM\" --||-- \"CXL Window 0a\" --|\n\nWhere \"CXL Window 0a\" is part of the original \"CXL Window 0\" that\nisn't covered by \"System RAM\".", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49878", url: "https://www.suse.com/security/cve/CVE-2024-49878", }, { category: "external", summary: "SUSE Bug 1232340 for CVE-2024-49878", url: "https://bugzilla.suse.com/1232340", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49878", }, { cve: "CVE-2024-49879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49879", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: omapdrm: Add missing check for alloc_ordered_workqueue\n\nAs it may return NULL pointer and cause NULL pointer dereference. Add check\nfor the return value of alloc_ordered_workqueue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49879", url: "https://www.suse.com/security/cve/CVE-2024-49879", }, { category: "external", summary: "SUSE Bug 1232349 for CVE-2024-49879", url: "https://bugzilla.suse.com/1232349", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49879", }, { cve: "CVE-2024-49880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49880", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off by one issue in alloc_flex_gd()\n\nWesley reported an issue:\n\n==================================================================\nEXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks\n------------[ cut here ]------------\nkernel BUG at fs/ext4/resize.c:324!\nCPU: 9 UID: 0 PID: 3576 Comm: resize2fs Not tainted 6.11.0+ #27\nRIP: 0010:ext4_resize_fs+0x1212/0x12d0\nCall Trace:\n __ext4_ioctl+0x4e0/0x1800\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0x99/0xd0\n x64_sys_call+0x1206/0x20d0\n do_syscall_64+0x72/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n==================================================================\n\nWhile reviewing the patch, Honza found that when adjusting resize_bg in\nalloc_flex_gd(), it was possible for flex_gd->resize_bg to be bigger than\nflexbg_size.\n\nThe reproduction of the problem requires the following:\n\n o_group = flexbg_size * 2 * n;\n o_size = (o_group + 1) * group_size;\n n_group: [o_group + flexbg_size, o_group + flexbg_size * 2)\n o_size = (n_group + 1) * group_size;\n\nTake n=0,flexbg_size=16 as an example:\n\n last:15\n|o---------------|--------------n-|\no_group:0 resize to n_group:30\n\nThe corresponding reproducer is:\n\nimg=test.img\nrm -f $img\ntruncate -s 600M $img\nmkfs.ext4 -F $img -b 1024 -G 16 8M\ndev=`losetup -f --show $img`\nmkdir -p /tmp/test\nmount $dev /tmp/test\nresize2fs $dev 248M\n\nDelete the problematic plus 1 to fix the issue, and add a WARN_ON_ONCE()\nto prevent the issue from happening again.\n\n[ Note: another reproucer which this commit fixes is:\n\n img=test.img\n rm -f $img\n truncate -s 25MiB $img\n mkfs.ext4 -b 4096 -E nodiscard,lazy_itable_init=0,lazy_journal_init=0 $img\n truncate -s 3GiB $img\n dev=`losetup -f --show $img`\n mkdir -p /tmp/test\n mount $dev /tmp/test\n resize2fs $dev 3G\n umount $dev\n losetup -d $dev\n\n -- TYT ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49880", url: "https://www.suse.com/security/cve/CVE-2024-49880", }, { category: "external", summary: "SUSE Bug 1232205 for CVE-2024-49880", url: "https://bugzilla.suse.com/1232205", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49880", }, { cve: "CVE-2024-49881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49881", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: update orig_path in ext4_find_extent()\n\nIn ext4_find_extent(), if the path is not big enough, we free it and set\n*orig_path to NULL. But after reallocating and successfully initializing\nthe path, we don't update *orig_path, in which case the caller gets a\nvalid path but a NULL ppath, and this may cause a NULL pointer dereference\nor a path memory leak. For example:\n\next4_split_extent\n path = *ppath = 2000\n ext4_find_extent\n if (depth > path[0].p_maxdepth)\n kfree(path = 2000);\n *orig_path = path = NULL;\n path = kcalloc() = 3000\n ext4_split_extent_at(*ppath = NULL)\n path = *ppath;\n ex = path[depth].p_ext;\n // NULL pointer dereference!\n\n==================================================================\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nCPU: 6 UID: 0 PID: 576 Comm: fsstress Not tainted 6.11.0-rc2-dirty #847\nRIP: 0010:ext4_split_extent_at+0x6d/0x560\nCall Trace:\n <TASK>\n ext4_split_extent.isra.0+0xcb/0x1b0\n ext4_ext_convert_to_initialized+0x168/0x6c0\n ext4_ext_handle_unwritten_extents+0x325/0x4d0\n ext4_ext_map_blocks+0x520/0xdb0\n ext4_map_blocks+0x2b0/0x690\n ext4_iomap_begin+0x20e/0x2c0\n[...]\n==================================================================\n\nTherefore, *orig_path is updated when the extent lookup succeeds, so that\nthe caller can safely use path or *ppath.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49881", url: "https://www.suse.com/security/cve/CVE-2024-49881", }, { category: "external", summary: "SUSE Bug 1232201 for CVE-2024-49881", url: "https://bugzilla.suse.com/1232201", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49881", }, { cve: "CVE-2024-49882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49882", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double brelse() the buffer of the extents path\n\nIn ext4_ext_try_to_merge_up(), set path[1].p_bh to NULL after it has been\nreleased, otherwise it may be released twice. An example of what triggers\nthis is as follows:\n\n split2 map split1\n|--------|-------|--------|\n\next4_ext_map_blocks\n ext4_ext_handle_unwritten_extents\n ext4_split_convert_extents\n // path->p_depth == 0\n ext4_split_extent\n // 1. do split1\n ext4_split_extent_at\n |ext4_ext_insert_extent\n | ext4_ext_create_new_leaf\n | ext4_ext_grow_indepth\n | le16_add_cpu(&neh->eh_depth, 1)\n | ext4_find_extent\n | // return -ENOMEM\n |// get error and try zeroout\n |path = ext4_find_extent\n | path->p_depth = 1\n |ext4_ext_try_to_merge\n | ext4_ext_try_to_merge_up\n | path->p_depth = 0\n | brelse(path[1].p_bh) ---> not set to NULL here\n |// zeroout success\n // 2. update path\n ext4_find_extent\n // 3. do split2\n ext4_split_extent_at\n ext4_ext_insert_extent\n ext4_ext_create_new_leaf\n ext4_ext_grow_indepth\n le16_add_cpu(&neh->eh_depth, 1)\n ext4_find_extent\n path[0].p_bh = NULL;\n path->p_depth = 1\n read_extent_tree_block ---> return err\n // path[1].p_bh is still the old value\n ext4_free_ext_path\n ext4_ext_drop_refs\n // path->p_depth == 1\n brelse(path[1].p_bh) ---> brelse a buffer twice\n\nFinally got the following WARRNING when removing the buffer from lru:\n\n============================================\nVFS: brelse: Trying to free free buffer\nWARNING: CPU: 2 PID: 72 at fs/buffer.c:1241 __brelse+0x58/0x90\nCPU: 2 PID: 72 Comm: kworker/u19:1 Not tainted 6.9.0-dirty #716\nRIP: 0010:__brelse+0x58/0x90\nCall Trace:\n <TASK>\n __find_get_block+0x6e7/0x810\n bdev_getblk+0x2b/0x480\n __ext4_get_inode_loc+0x48a/0x1240\n ext4_get_inode_loc+0xb2/0x150\n ext4_reserve_inode_write+0xb7/0x230\n __ext4_mark_inode_dirty+0x144/0x6a0\n ext4_ext_insert_extent+0x9c8/0x3230\n ext4_ext_map_blocks+0xf45/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n============================================", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49882", url: "https://www.suse.com/security/cve/CVE-2024-49882", }, { category: "external", summary: "SUSE Bug 1232200 for CVE-2024-49882", url: "https://bugzilla.suse.com/1232200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49882", }, { cve: "CVE-2024-49883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49883", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: aovid use-after-free in ext4_ext_insert_extent()\n\nAs Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is\nreallocated in ext4_ext_create_new_leaf(), we'll use the stale path and\ncause UAF. Below is a sample trace with dummy values:\n\next4_ext_insert_extent\n path = *ppath = 2000\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(ppath)\n path = *ppath = 2000\n if (depth > path[0].p_maxdepth)\n kfree(path = 2000);\n *ppath = path = NULL;\n path = kcalloc() = 3000\n *ppath = 3000;\n return path;\n /* here path is still 2000, UAF! */\n eh = path[depth].p_hdr\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_ext_insert_extent+0x26d4/0x3330\nRead of size 8 at addr ffff8881027bf7d0 by task kworker/u36:1/179\nCPU: 3 UID: 0 PID: 179 Comm: kworker/u6:1 Not tainted 6.11.0-rc2-dirty #866\nCall Trace:\n <TASK>\n ext4_ext_insert_extent+0x26d4/0x3330\n ext4_ext_map_blocks+0xe22/0x2d40\n ext4_map_blocks+0x71e/0x1700\n ext4_do_writepages+0x1290/0x2800\n[...]\n\nAllocated by task 179:\n ext4_find_extent+0x81c/0x1f70\n ext4_ext_map_blocks+0x146/0x2d40\n ext4_map_blocks+0x71e/0x1700\n ext4_do_writepages+0x1290/0x2800\n ext4_writepages+0x26d/0x4e0\n do_writepages+0x175/0x700\n[...]\n\nFreed by task 179:\n kfree+0xcb/0x240\n ext4_find_extent+0x7c0/0x1f70\n ext4_ext_insert_extent+0xa26/0x3330\n ext4_ext_map_blocks+0xe22/0x2d40\n ext4_map_blocks+0x71e/0x1700\n ext4_do_writepages+0x1290/0x2800\n ext4_writepages+0x26d/0x4e0\n do_writepages+0x175/0x700\n[...]\n==================================================================\n\nSo use *ppath to update the path to avoid the above problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49883", url: "https://www.suse.com/security/cve/CVE-2024-49883", }, { category: "external", summary: "SUSE Bug 1232199 for CVE-2024-49883", url: "https://bugzilla.suse.com/1232199", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49883", }, { cve: "CVE-2024-49884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49884", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n <TASK>\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path->p_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49884", url: "https://www.suse.com/security/cve/CVE-2024-49884", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-49884", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232198 for CVE-2024-49884", url: "https://bugzilla.suse.com/1232198", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49884", }, { cve: "CVE-2024-49885", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49885", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: avoid zeroing kmalloc redzone\n\nSince commit 946fa0dbf2d8 (\"mm/slub: extend redzone check to extra\nallocated kmalloc space than requested\"), setting orig_size treats\nthe wasted space (object_size - orig_size) as a redzone. However with\ninit_on_free=1 we clear the full object->size, including the redzone.\n\nAdditionally we clear the object metadata, including the stored orig_size,\nmaking it zero, which makes check_object() treat the whole object as a\nredzone.\n\nThese issues lead to the following BUG report with \"slub_debug=FUZ\ninit_on_free=1\":\n\n[ 0.000000] =============================================================================\n[ 0.000000] BUG kmalloc-8 (Not tainted): kmalloc Redzone overwritten\n[ 0.000000] -----------------------------------------------------------------------------\n[ 0.000000]\n[ 0.000000] 0xffff000010032858-0xffff00001003285f @offset=2136. First byte 0x0 instead of 0xcc\n[ 0.000000] FIX kmalloc-8: Restoring kmalloc Redzone 0xffff000010032858-0xffff00001003285f=0xcc\n[ 0.000000] Slab 0xfffffdffc0400c80 objects=36 used=23 fp=0xffff000010032a18 flags=0x3fffe0000000200(workingset|node=0|zone=0|lastcpupid=0x1ffff)\n[ 0.000000] Object 0xffff000010032858 @offset=2136 fp=0xffff0000100328c8\n[ 0.000000]\n[ 0.000000] Redzone ffff000010032850: cc cc cc cc cc cc cc cc ........\n[ 0.000000] Object ffff000010032858: cc cc cc cc cc cc cc cc ........\n[ 0.000000] Redzone ffff000010032860: cc cc cc cc cc cc cc cc ........\n[ 0.000000] Padding ffff0000100328b4: 00 00 00 00 00 00 00 00 00 00 00 00 ............\n[ 0.000000] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.11.0-rc3-next-20240814-00004-g61844c55c3f4 #144\n[ 0.000000] Hardware name: NXP i.MX95 19X19 board (DT)\n[ 0.000000] Call trace:\n[ 0.000000] dump_backtrace+0x90/0xe8\n[ 0.000000] show_stack+0x18/0x24\n[ 0.000000] dump_stack_lvl+0x74/0x8c\n[ 0.000000] dump_stack+0x18/0x24\n[ 0.000000] print_trailer+0x150/0x218\n[ 0.000000] check_object+0xe4/0x454\n[ 0.000000] free_to_partial_list+0x2f8/0x5ec\n\nTo address the issue, use orig_size to clear the used area. And restore\nthe value of orig_size after clear the remaining area.\n\nWhen CONFIG_SLUB_DEBUG not defined, (get_orig_size()' directly returns\ns->object_size. So when using memset to init the area, the size can simply\nbe orig_size, as orig_size returns object_size when CONFIG_SLUB_DEBUG not\nenabled. And orig_size can never be bigger than object_size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49885", url: "https://www.suse.com/security/cve/CVE-2024-49885", }, { category: "external", summary: "SUSE Bug 1232197 for CVE-2024-49885", url: "https://bugzilla.suse.com/1232197", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49885", }, { cve: "CVE-2024-49886", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49886", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug\n\nAttaching SST PCI device to VM causes \"BUG: KASAN: slab-out-of-bounds\".\nkasan report:\n[ 19.411889] ==================================================================\n[ 19.413702] BUG: KASAN: slab-out-of-bounds in _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.415634] Read of size 8 at addr ffff888829e65200 by task cpuhp/16/113\n[ 19.417368]\n[ 19.418627] CPU: 16 PID: 113 Comm: cpuhp/16 Tainted: G E 6.9.0 #10\n[ 19.420435] Hardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.20192059.B64.2207280713 07/28/2022\n[ 19.422687] Call Trace:\n[ 19.424091] <TASK>\n[ 19.425448] dump_stack_lvl+0x5d/0x80\n[ 19.426963] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.428694] print_report+0x19d/0x52e\n[ 19.430206] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ 19.431837] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.433539] kasan_report+0xf0/0x170\n[ 19.435019] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.436709] _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.438379] ? __pfx_sched_clock_cpu+0x10/0x10\n[ 19.439910] isst_if_cpu_online+0x406/0x58f [isst_if_common]\n[ 19.441573] ? __pfx_isst_if_cpu_online+0x10/0x10 [isst_if_common]\n[ 19.443263] ? ttwu_queue_wakelist+0x2c1/0x360\n[ 19.444797] cpuhp_invoke_callback+0x221/0xec0\n[ 19.446337] cpuhp_thread_fun+0x21b/0x610\n[ 19.447814] ? __pfx_cpuhp_thread_fun+0x10/0x10\n[ 19.449354] smpboot_thread_fn+0x2e7/0x6e0\n[ 19.450859] ? __pfx_smpboot_thread_fn+0x10/0x10\n[ 19.452405] kthread+0x29c/0x350\n[ 19.453817] ? __pfx_kthread+0x10/0x10\n[ 19.455253] ret_from_fork+0x31/0x70\n[ 19.456685] ? __pfx_kthread+0x10/0x10\n[ 19.458114] ret_from_fork_asm+0x1a/0x30\n[ 19.459573] </TASK>\n[ 19.460853]\n[ 19.462055] Allocated by task 1198:\n[ 19.463410] kasan_save_stack+0x30/0x50\n[ 19.464788] kasan_save_track+0x14/0x30\n[ 19.466139] __kasan_kmalloc+0xaa/0xb0\n[ 19.467465] __kmalloc+0x1cd/0x470\n[ 19.468748] isst_if_cdev_register+0x1da/0x350 [isst_if_common]\n[ 19.470233] isst_if_mbox_init+0x108/0xff0 [isst_if_mbox_msr]\n[ 19.471670] do_one_initcall+0xa4/0x380\n[ 19.472903] do_init_module+0x238/0x760\n[ 19.474105] load_module+0x5239/0x6f00\n[ 19.475285] init_module_from_file+0xd1/0x130\n[ 19.476506] idempotent_init_module+0x23b/0x650\n[ 19.477725] __x64_sys_finit_module+0xbe/0x130\n[ 19.476506] idempotent_init_module+0x23b/0x650\n[ 19.477725] __x64_sys_finit_module+0xbe/0x130\n[ 19.478920] do_syscall_64+0x82/0x160\n[ 19.480036] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 19.481292]\n[ 19.482205] The buggy address belongs to the object at ffff888829e65000\n which belongs to the cache kmalloc-512 of size 512\n[ 19.484818] The buggy address is located 0 bytes to the right of\n allocated 512-byte region [ffff888829e65000, ffff888829e65200)\n[ 19.487447]\n[ 19.488328] The buggy address belongs to the physical page:\n[ 19.489569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888829e60c00 pfn:0x829e60\n[ 19.491140] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 19.492466] anon flags: 0x57ffffc0000840(slab|head|node=1|zone=2|lastcpupid=0x1fffff)\n[ 19.493914] page_type: 0xffffffff()\n[ 19.494988] raw: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001\n[ 19.496451] raw: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000\n[ 19.497906] head: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001\n[ 19.499379] head: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000\n[ 19.500844] head: 0057ffffc0000003 ffffea0020a79801 ffffea0020a79848 00000000ffffffff\n[ 19.502316] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000\n[ 19.503784] page dumped because: k\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49886", url: "https://www.suse.com/security/cve/CVE-2024-49886", }, { category: "external", summary: "SUSE Bug 1232196 for CVE-2024-49886", url: "https://bugzilla.suse.com/1232196", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49886", }, { cve: "CVE-2024-49887", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49887", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to don't panic system for no free segment fault injection\n\nf2fs: fix to don't panic system for no free segment fault injection\n\nsyzbot reports a f2fs bug as below:\n\nF2FS-fs (loop0): inject no free segment in get_new_segment of __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3167\nF2FS-fs (loop0): Stopped filesystem due to reason: 7\n------------[ cut here ]------------\nkernel BUG at fs/f2fs/segment.c:2748!\nCPU: 0 UID: 0 PID: 5109 Comm: syz-executor304 Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0\nRIP: 0010:get_new_segment fs/f2fs/segment.c:2748 [inline]\nRIP: 0010:new_curseg+0x1f61/0x1f70 fs/f2fs/segment.c:2836\nCall Trace:\n __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3167\n f2fs_allocate_new_section fs/f2fs/segment.c:3181 [inline]\n f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3195\n f2fs_expand_inode_data+0x5d6/0xbb0 fs/f2fs/file.c:1799\n f2fs_fallocate+0x448/0x960 fs/f2fs/file.c:1903\n vfs_fallocate+0x553/0x6c0 fs/open.c:334\n do_vfs_ioctl+0x2592/0x2e50 fs/ioctl.c:886\n __do_sys_ioctl fs/ioctl.c:905 [inline]\n __se_sys_ioctl+0x81/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0010:get_new_segment fs/f2fs/segment.c:2748 [inline]\nRIP: 0010:new_curseg+0x1f61/0x1f70 fs/f2fs/segment.c:2836\n\nThe root cause is when we inject no free segment fault into f2fs,\nwe should not panic system, fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49887", url: "https://www.suse.com/security/cve/CVE-2024-49887", }, { category: "external", summary: "SUSE Bug 1232206 for CVE-2024-49887", url: "https://bugzilla.suse.com/1232206", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49887", }, { cve: "CVE-2024-49888", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49888", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a sdiv overflow issue\n\nZac Ecob reported a problem where a bpf program may cause kernel crash due\nto the following error:\n Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI\n\nThe failure is due to the below signed divide:\n LLONG_MIN/-1 where LLONG_MIN equals to -9,223,372,036,854,775,808.\nLLONG_MIN/-1 is supposed to give a positive number 9,223,372,036,854,775,808,\nbut it is impossible since for 64-bit system, the maximum positive\nnumber is 9,223,372,036,854,775,807. On x86_64, LLONG_MIN/-1 will\ncause a kernel exception. On arm64, the result for LLONG_MIN/-1 is\nLLONG_MIN.\n\nFurther investigation found all the following sdiv/smod cases may trigger\nan exception when bpf program is running on x86_64 platform:\n - LLONG_MIN/-1 for 64bit operation\n - INT_MIN/-1 for 32bit operation\n - LLONG_MIN%-1 for 64bit operation\n - INT_MIN%-1 for 32bit operation\nwhere -1 can be an immediate or in a register.\n\nOn arm64, there are no exceptions:\n - LLONG_MIN/-1 = LLONG_MIN\n - INT_MIN/-1 = INT_MIN\n - LLONG_MIN%-1 = 0\n - INT_MIN%-1 = 0\nwhere -1 can be an immediate or in a register.\n\nInsn patching is needed to handle the above cases and the patched codes\nproduced results aligned with above arm64 result. The below are pseudo\ncodes to handle sdiv/smod exceptions including both divisor -1 and divisor 0\nand the divisor is stored in a register.\n\nsdiv:\n tmp = rX\n tmp += 1 /* [-1, 0] -> [0, 1]\n if tmp >(unsigned) 1 goto L2\n if tmp == 0 goto L1\n rY = 0\n L1:\n rY = -rY;\n goto L3\n L2:\n rY /= rX\n L3:\n\nsmod:\n tmp = rX\n tmp += 1 /* [-1, 0] -> [0, 1]\n if tmp >(unsigned) 1 goto L1\n if tmp == 1 (is64 ? goto L2 : goto L3)\n rY = 0;\n goto L2\n L1:\n rY %= rX\n L2:\n goto L4 // only when !is64\n L3:\n wY = wY // only when !is64\n L4:\n\n [1] https://lore.kernel.org/bpf/tPJLTEh7S_DxFEqAI2Ji5MBSoZVg7_G-Py2iaZpAaWtM961fFTWtsnlzwvTbzBzaUzwQAoNATXKUlt0LZOFgnDcIyKCswAnAGdUF3LBrhGQ=@protonmail.com/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49888", url: "https://www.suse.com/security/cve/CVE-2024-49888", }, { category: "external", summary: "SUSE Bug 1232208 for CVE-2024-49888", url: "https://bugzilla.suse.com/1232208", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49888", }, { cve: "CVE-2024-49889", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49889", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid use-after-free in ext4_ext_show_leaf()\n\nIn ext4_find_extent(), path may be freed by error or be reallocated, so\nusing a previously saved *ppath may have been freed and thus may trigger\nuse-after-free, as follows:\n\next4_split_extent\n path = *ppath;\n ext4_split_extent_at(ppath)\n path = ext4_find_extent(ppath)\n ext4_split_extent_at(ppath)\n // ext4_find_extent fails to free path\n // but zeroout succeeds\n ext4_ext_show_leaf(inode, path)\n eh = path[depth].p_hdr\n // path use-after-free !!!\n\nSimilar to ext4_split_extent_at(), we use *ppath directly as an input to\next4_ext_show_leaf(). Fix a spelling error by the way.\n\nSame problem in ext4_ext_handle_unwritten_extents(). Since 'path' is only\nused in ext4_ext_show_leaf(), remove 'path' and use *ppath directly.\n\nThis issue is triggered only when EXT_DEBUG is defined and therefore does\nnot affect functionality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49889", url: "https://www.suse.com/security/cve/CVE-2024-49889", }, { category: "external", summary: "SUSE Bug 1232215 for CVE-2024-49889", url: "https://bugzilla.suse.com/1232215", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49889", }, { cve: "CVE-2024-49890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49890", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: ensure the fw_info is not null before using it\n\nThis resolves the dereference null return value warning\nreported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49890", url: "https://www.suse.com/security/cve/CVE-2024-49890", }, { category: "external", summary: "SUSE Bug 1232217 for CVE-2024-49890", url: "https://bugzilla.suse.com/1232217", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49890", }, { cve: "CVE-2024-49891", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49891", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths\n\nWhen the HBA is undergoing a reset or is handling an errata event, NULL ptr\ndereference crashes may occur in routines such as\nlpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk(), or\nlpfc_abort_handler().\n\nAdd NULL ptr checks before dereferencing hdwq pointers that may have been\nfreed due to operations colliding with a reset or errata event handler.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49891", url: "https://www.suse.com/security/cve/CVE-2024-49891", }, { category: "external", summary: "SUSE Bug 1232218 for CVE-2024-49891", url: "https://bugzilla.suse.com/1232218", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49891", }, { cve: "CVE-2024-49892", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49892", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Initialize get_bytes_per_element's default to 1\n\nVariables, used as denominators and maybe not assigned to other values,\nshould not be 0. bytes_per_element_y & bytes_per_element_c are\ninitialized by get_bytes_per_element() which should never return 0.\n\nThis fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49892", url: "https://www.suse.com/security/cve/CVE-2024-49892", }, { category: "external", summary: "SUSE Bug 1232220 for CVE-2024-49892", url: "https://bugzilla.suse.com/1232220", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49892", }, { cve: "CVE-2024-49893", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49893", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check stream_status before it is used\n\n[WHAT & HOW]\ndc_state_get_stream_status can return null, and therefore null must be\nchecked before stream_status is used.\n\nThis fixes 1 NULL_RETURNS issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49893", url: "https://www.suse.com/security/cve/CVE-2024-49893", }, { category: "external", summary: "SUSE Bug 1232350 for CVE-2024-49893", url: "https://bugzilla.suse.com/1232350", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49893", }, { cve: "CVE-2024-49894", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49894", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\n\nFixes index out of bounds issue in\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\ncould occur when the index 'i' exceeds the number of transfer function\npoints (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49894", url: "https://www.suse.com/security/cve/CVE-2024-49894", }, { category: "external", summary: "SUSE Bug 1232354 for CVE-2024-49894", url: "https://bugzilla.suse.com/1232354", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49894", }, { cve: "CVE-2024-49895", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49895", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation\n\nThis commit addresses a potential index out of bounds issue in the\n`cm3_helper_translate_curve_to_degamma_hw_format` function in the DCN30\ncolor management module. The issue could occur when the index 'i'\nexceeds the number of transfer function points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds, the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:338 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:339 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:340 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49895", url: "https://www.suse.com/security/cve/CVE-2024-49895", }, { category: "external", summary: "SUSE Bug 1232352 for CVE-2024-49895", url: "https://bugzilla.suse.com/1232352", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-49895", }, { cve: "CVE-2024-49896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49896", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check stream before comparing them\n\n[WHAT & HOW]\namdgpu_dm can pass a null stream to dc_is_stream_unchanged. It is\nnecessary to check for null before dereferencing them.\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49896", url: "https://www.suse.com/security/cve/CVE-2024-49896", }, { category: "external", summary: "SUSE Bug 1232221 for CVE-2024-49896", url: "https://bugzilla.suse.com/1232221", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49896", }, { cve: "CVE-2024-49897", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49897", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check phantom_stream before it is used\n\ndcn32_enable_phantom_stream can return null, so returned value\nmust be checked before used.\n\nThis fixes 1 NULL_RETURNS issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49897", url: "https://www.suse.com/security/cve/CVE-2024-49897", }, { category: "external", summary: "SUSE Bug 1232355 for CVE-2024-49897", url: "https://bugzilla.suse.com/1232355", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49897", }, { cve: "CVE-2024-49898", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49898", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null-initialized variables\n\n[WHAT & HOW]\ndrr_timing and subvp_pipe are initialized to null and they are not\nalways assigned new values. It is necessary to check for null before\ndereferencing.\n\nThis fixes 2 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49898", url: "https://www.suse.com/security/cve/CVE-2024-49898", }, { category: "external", summary: "SUSE Bug 1232222 for CVE-2024-49898", url: "https://bugzilla.suse.com/1232222", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49898", }, { cve: "CVE-2024-49899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49899", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Initialize denominators' default to 1\n\n[WHAT & HOW]\nVariables used as denominators and maybe not assigned to other values,\nshould not be 0. Change their default to 1 so they are never 0.\n\nThis fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49899", url: "https://www.suse.com/security/cve/CVE-2024-49899", }, { category: "external", summary: "SUSE Bug 1232358 for CVE-2024-49899", url: "https://bugzilla.suse.com/1232358", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49899", }, { cve: "CVE-2024-49900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49900", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of new_ea in ea_buffer\n\nsyzbot reports that lzo1x_1_do_compress is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178\n\n...\n\nUninit was stored to memory at:\n ea_put fs/jfs/xattr.c:639 [inline]\n\n...\n\nLocal variable ea_buf created at:\n __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662\n __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934\n\n=====================================================\n\nThe reason is ea_buf->new_ea is not initialized properly.\n\nFix this by using memset to empty its content at the beginning\nin ea_get().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49900", url: "https://www.suse.com/security/cve/CVE-2024-49900", }, { category: "external", summary: "SUSE Bug 1232359 for CVE-2024-49900", url: "https://bugzilla.suse.com/1232359", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49900", }, { cve: "CVE-2024-49901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49901", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs\n\nThere are some cases, such as the one uncovered by Commit 46d4efcccc68\n(\"drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails\")\nwhere\n\nmsm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL);\n\nis called on gpu->pdev == NULL, as the GPU device has not been fully\ninitialized yet.\n\nTurns out that there's more than just the aforementioned path that\ncauses this to happen (e.g. the case when there's speedbin data in the\ncatalog, but opp-supported-hw is missing in DT).\n\nAssigning msm_gpu->pdev earlier seems like the least painful solution\nto this, therefore do so.\n\nPatchwork: https://patchwork.freedesktop.org/patch/602742/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49901", url: "https://www.suse.com/security/cve/CVE-2024-49901", }, { category: "external", summary: "SUSE Bug 1232305 for CVE-2024-49901", url: "https://bugzilla.suse.com/1232305", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49901", }, { cve: "CVE-2024-49902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49902", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: check if leafidx greater than num leaves per dmap tree\n\nsyzbot report a out of bounds in dbSplit, it because dmt_leafidx greater\nthan num leaves per dmap tree, add a checking for dmt_leafidx in dbFindLeaf.\n\nShaggy:\nModified sanity check to apply to control pages as well as leaf pages.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49902", url: "https://www.suse.com/security/cve/CVE-2024-49902", }, { category: "external", summary: "SUSE Bug 1232378 for CVE-2024-49902", url: "https://bugzilla.suse.com/1232378", }, { category: "external", summary: "SUSE Bug 1232379 for CVE-2024-49902", url: "https://bugzilla.suse.com/1232379", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49902", }, { cve: "CVE-2024-49903", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49903", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uaf in dbFreeBits\n\n[syzbot reported]\n==================================================================\nBUG: KASAN: slab-use-after-free in __mutex_lock_common kernel/locking/mutex.c:587 [inline]\nBUG: KASAN: slab-use-after-free in __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\nRead of size 8 at addr ffff8880229254b0 by task syz-executor357/5216\n\nCPU: 0 UID: 0 PID: 5216 Comm: syz-executor357 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n __mutex_lock_common kernel/locking/mutex.c:587 [inline]\n __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\n dbFreeBits+0x7ea/0xd90 fs/jfs/jfs_dmap.c:2390\n dbFreeDmap fs/jfs/jfs_dmap.c:2089 [inline]\n dbFree+0x35b/0x680 fs/jfs/jfs_dmap.c:409\n dbDiscardAG+0x8a9/0xa20 fs/jfs/jfs_dmap.c:1650\n jfs_ioc_trim+0x433/0x670 fs/jfs/jfs_discard.c:100\n jfs_ioctl+0x2d0/0x3e0 fs/jfs/ioctl.c:131\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n\nFreed by task 5218:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\n poison_slab_object+0xe0/0x150 mm/kasan/common.c:240\n __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2252 [inline]\n slab_free mm/slub.c:4473 [inline]\n kfree+0x149/0x360 mm/slub.c:4594\n dbUnmount+0x11d/0x190 fs/jfs/jfs_dmap.c:278\n jfs_mount_rw+0x4ac/0x6a0 fs/jfs/jfs_mount.c:247\n jfs_remount+0x3d1/0x6b0 fs/jfs/super.c:454\n reconfigure_super+0x445/0x880 fs/super.c:1083\n vfs_cmd_reconfigure fs/fsopen.c:263 [inline]\n vfs_fsconfig_locked fs/fsopen.c:292 [inline]\n __do_sys_fsconfig fs/fsopen.c:473 [inline]\n __se_sys_fsconfig+0xb6e/0xf80 fs/fsopen.c:345\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[Analysis]\nThere are two paths (dbUnmount and jfs_ioc_trim) that generate race\ncondition when accessing bmap, which leads to the occurrence of uaf.\n\nUse the lock s_umount to synchronize them, in order to avoid uaf caused\nby race condition.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49903", url: "https://www.suse.com/security/cve/CVE-2024-49903", }, { category: "external", summary: "SUSE Bug 1232362 for CVE-2024-49903", url: "https://bugzilla.suse.com/1232362", }, { category: "external", summary: "SUSE Bug 1233020 for CVE-2024-49903", url: "https://bugzilla.suse.com/1233020", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49903", }, { cve: "CVE-2024-49904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49904", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: add list empty check to avoid null pointer issue\n\nAdd list empty check to avoid null pointer issues in some corner cases.\n- list_for_each_entry_safe()", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49904", url: "https://www.suse.com/security/cve/CVE-2024-49904", }, { category: "external", summary: "SUSE Bug 1232356 for CVE-2024-49904", url: "https://bugzilla.suse.com/1232356", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49904", }, { cve: "CVE-2024-49905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49905", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2)\n\nThis commit adds a null check for the 'afb' variable in the\namdgpu_dm_plane_handle_cursor_update function. Previously, 'afb' was\nassumed to be null, but was used later in the code without a null check.\nThis could potentially lead to a null pointer dereference.\n\nChanges since v1:\n- Moved the null check for 'afb' to the line where 'afb' is used. (Alex)\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_plane.c:1298 amdgpu_dm_plane_handle_cursor_update() error: we previously assumed 'afb' could be null (see line 1252)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49905", url: "https://www.suse.com/security/cve/CVE-2024-49905", }, { category: "external", summary: "SUSE Bug 1232357 for CVE-2024-49905", url: "https://bugzilla.suse.com/1232357", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49905", }, { cve: "CVE-2024-49906", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49906", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointer before try to access it\n\n[why & how]\nChange the order of the pipe_ctx->plane_state check to ensure that\nplane_state is not null before accessing it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49906", url: "https://www.suse.com/security/cve/CVE-2024-49906", }, { category: "external", summary: "SUSE Bug 1232332 for CVE-2024-49906", url: "https://bugzilla.suse.com/1232332", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49906", }, { cve: "CVE-2024-49907", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49907", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before using dc->clk_mgr\n\n[WHY & HOW]\ndc->clk_mgr is null checked previously in the same function, indicating\nit might be null.\n\nPassing \"dc\" to \"dc->hwss.apply_idle_power_optimizations\", which\ndereferences null \"dc->clk_mgr\". (The function pointer resolves to\n\"dcn35_apply_idle_power_optimizations\".)\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49907", url: "https://www.suse.com/security/cve/CVE-2024-49907", }, { category: "external", summary: "SUSE Bug 1232334 for CVE-2024-49907", url: "https://bugzilla.suse.com/1232334", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49907", }, { cve: "CVE-2024-49908", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49908", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2)\n\nThis commit adds a null check for the 'afb' variable in the\namdgpu_dm_update_cursor function. Previously, 'afb' was assumed to be\nnull at line 8388, but was used later in the code without a null check.\nThis could potentially lead to a null pointer dereference.\n\nChanges since v1:\n- Moved the null check for 'afb' to the line where 'afb' is used. (Alex)\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:8433 amdgpu_dm_update_cursor()\n\terror: we previously assumed 'afb' could be null (see line 8388)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49908", url: "https://www.suse.com/security/cve/CVE-2024-49908", }, { category: "external", summary: "SUSE Bug 1232335 for CVE-2024-49908", url: "https://bugzilla.suse.com/1232335", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49908", }, { cve: "CVE-2024-49909", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49909", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn32_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for null, but then it was being\ndereferenced without any null check. This could lead to a null pointer\ndereference if set_output_gamma is null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a null check for set_output_gamma\nbefore the call to set_output_gamma.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49909", url: "https://www.suse.com/security/cve/CVE-2024-49909", }, { category: "external", summary: "SUSE Bug 1232337 for CVE-2024-49909", url: "https://bugzilla.suse.com/1232337", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49909", }, { cve: "CVE-2024-49910", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49910", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for function pointer in dcn401_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn401_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for null, but then it was being\ndereferenced without any null check. This could lead to a null pointer\ndereference if set_output_gamma is null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a null check for set_output_gamma\nbefore the call to set_output_gamma.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49910", url: "https://www.suse.com/security/cve/CVE-2024-49910", }, { category: "external", summary: "SUSE Bug 1232365 for CVE-2024-49910", url: "https://bugzilla.suse.com/1232365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49910", }, { cve: "CVE-2024-49911", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49911", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn20_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for null at line 1030, but then it\nwas being dereferenced without any null check at line 1048. This could\npotentially lead to a null pointer dereference error if set_output_gamma\nis null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a null check for set_output_gamma\nbefore the call to set_output_gamma at line 1048.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49911", url: "https://www.suse.com/security/cve/CVE-2024-49911", }, { category: "external", summary: "SUSE Bug 1232366 for CVE-2024-49911", url: "https://bugzilla.suse.com/1232366", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49911", }, { cve: "CVE-2024-49912", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49912", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream'\n\nThis commit adds a null check for 'stream_status' in the function\n'planes_changed_for_existing_stream'. Previously, the code assumed\n'stream_status' could be null, but did not handle the case where it was\nactually null. This could lead to a null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/core/dc_resource.c:3784 planes_changed_for_existing_stream() error: we previously assumed 'stream_status' could be null (see line 3774)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49912", url: "https://www.suse.com/security/cve/CVE-2024-49912", }, { category: "external", summary: "SUSE Bug 1232367 for CVE-2024-49912", url: "https://bugzilla.suse.com/1232367", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49912", }, { cve: "CVE-2024-49913", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49913", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream\n\nThis commit addresses a null pointer dereference issue in the\n`commit_planes_for_stream` function at line 4140. The issue could occur\nwhen `top_pipe_to_program` is null.\n\nThe fix adds a check to ensure `top_pipe_to_program` is not null before\naccessing its stream_res. This prevents a null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/core/dc.c:4140 commit_planes_for_stream() error: we previously assumed 'top_pipe_to_program' could be null (see line 3906)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49913", url: "https://www.suse.com/security/cve/CVE-2024-49913", }, { category: "external", summary: "SUSE Bug 1232307 for CVE-2024-49913", url: "https://bugzilla.suse.com/1232307", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49913", }, { cve: "CVE-2024-49914", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49914", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe\n\nThis commit addresses a null pointer dereference issue in the\n`dcn20_program_pipe` function. The issue could occur when\n`pipe_ctx->plane_state` is null.\n\nThe fix adds a check to ensure `pipe_ctx->plane_state` is not null\nbefore accessing. This prevents a null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn20/dcn20_hwseq.c:1925 dcn20_program_pipe() error: we previously assumed 'pipe_ctx->plane_state' could be null (see line 1877)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49914", url: "https://www.suse.com/security/cve/CVE-2024-49914", }, { category: "external", summary: "SUSE Bug 1232369 for CVE-2024-49914", url: "https://bugzilla.suse.com/1232369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49914", }, { cve: "CVE-2024-49915", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49915", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn32_init_hw` function. The issue could occur when `dc->clk_mgr` is\nnull.\n\nThe fix adds a check to ensure `dc->clk_mgr` is not null before\naccessing its functions. This prevents a potential null pointer\ndereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn32/dcn32_hwseq.c:961 dcn32_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 782)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49915", url: "https://www.suse.com/security/cve/CVE-2024-49915", }, { category: "external", summary: "SUSE Bug 1231963 for CVE-2024-49915", url: "https://bugzilla.suse.com/1231963", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49915", }, { cve: "CVE-2024-49916", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49916", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn401_init_hw` function. The issue could occur when `dc->clk_mgr` or\n`dc->clk_mgr->funcs` is null.\n\nThe fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is\nnot null before accessing its functions. This prevents a potential null\npointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn401/dcn401_hwseq.c:416 dcn401_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 225)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49916", url: "https://www.suse.com/security/cve/CVE-2024-49916", }, { category: "external", summary: "SUSE Bug 1231964 for CVE-2024-49916", url: "https://bugzilla.suse.com/1231964", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49916", }, { cve: "CVE-2024-49917", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49917", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn30_init_hw` function. The issue could occur when `dc->clk_mgr` or\n`dc->clk_mgr->funcs` is null.\n\nThe fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is\nnot null before accessing its functions. This prevents a potential null\npointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:789 dcn30_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 628)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49917", url: "https://www.suse.com/security/cve/CVE-2024-49917", }, { category: "external", summary: "SUSE Bug 1231965 for CVE-2024-49917", url: "https://bugzilla.suse.com/1231965", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49917", }, { cve: "CVE-2024-49918", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49918", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn32_acquire_idle_pipe_for_head_pipe_in_layer` function. The issue\ncould occur when `head_pipe` is null.\n\nThe fix adds a check to ensure `head_pipe` is not null before asserting\nit. If `head_pipe` is null, the function returns NULL to prevent a\npotential null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn32/dcn32_resource.c:2690 dcn32_acquire_idle_pipe_for_head_pipe_in_layer() error: we previously assumed 'head_pipe' could be null (see line 2681)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49918", url: "https://www.suse.com/security/cve/CVE-2024-49918", }, { category: "external", summary: "SUSE Bug 1231967 for CVE-2024-49918", url: "https://bugzilla.suse.com/1231967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49918", }, { cve: "CVE-2024-49919", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49919", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn201_acquire_free_pipe_for_layer` function. The issue could occur\nwhen `head_pipe` is null.\n\nThe fix adds a check to ensure `head_pipe` is not null before asserting\nit. If `head_pipe` is null, the function returns NULL to prevent a\npotential null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn201/dcn201_resource.c:1016 dcn201_acquire_free_pipe_for_layer() error: we previously assumed 'head_pipe' could be null (see line 1010)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49919", url: "https://www.suse.com/security/cve/CVE-2024-49919", }, { category: "external", summary: "SUSE Bug 1231968 for CVE-2024-49919", url: "https://bugzilla.suse.com/1231968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49919", }, { cve: "CVE-2024-49920", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49920", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before multiple uses\n\n[WHAT & HOW]\nPoniters, such as stream_enc and dc->bw_vbios, are null checked previously\nin the same function, so Coverity warns \"implies that stream_enc and\ndc->bw_vbios might be null\". They are used multiple times in the\nsubsequent code and need to be checked.\n\nThis fixes 10 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49920", url: "https://www.suse.com/security/cve/CVE-2024-49920", }, { category: "external", summary: "SUSE Bug 1232313 for CVE-2024-49920", url: "https://bugzilla.suse.com/1232313", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49920", }, { cve: "CVE-2024-49921", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49921", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before used\n\n[WHAT & HOW]\nPoniters, such as dc->clk_mgr, are null checked previously in the same\nfunction, so Coverity warns \"implies that \"dc->clk_mgr\" might be null\".\nAs a result, these pointers need to be checked when used again.\n\nThis fixes 10 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49921", url: "https://www.suse.com/security/cve/CVE-2024-49921", }, { category: "external", summary: "SUSE Bug 1232371 for CVE-2024-49921", url: "https://bugzilla.suse.com/1232371", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49921", }, { cve: "CVE-2024-49922", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49922", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before using them\n\n[WHAT & HOW]\nThese pointers are null checked previously in the same function,\nindicating they might be null as reported by Coverity. As a result,\nthey need to be checked when used again.\n\nThis fixes 3 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49922", url: "https://www.suse.com/security/cve/CVE-2024-49922", }, { category: "external", summary: "SUSE Bug 1232374 for CVE-2024-49922", url: "https://bugzilla.suse.com/1232374", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49922", }, { cve: "CVE-2024-49923", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49923", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags\n\n[WHAT & HOW]\n\"dcn20_validate_apply_pipe_split_flags\" dereferences merge, and thus it\ncannot be a null pointer. Let's pass a valid pointer to avoid null\ndereference.\n\nThis fixes 2 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49923", url: "https://www.suse.com/security/cve/CVE-2024-49923", }, { category: "external", summary: "SUSE Bug 1232361 for CVE-2024-49923", url: "https://bugzilla.suse.com/1232361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49923", }, { cve: "CVE-2024-49924", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49924", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which &fbi->task is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the &pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi->fb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi->fb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi->lcd_power(on, &fbi->fb.var)\n | //use fbi->fb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49924", url: "https://www.suse.com/security/cve/CVE-2024-49924", }, { category: "external", summary: "SUSE Bug 1232364 for CVE-2024-49924", url: "https://bugzilla.suse.com/1232364", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49924", }, { cve: "CVE-2024-49925", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49925", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: efifb: Register sysfs groups through driver core\n\nThe driver core can register and cleanup sysfs groups already.\nMake use of that functionality to simplify the error handling and\ncleanup.\n\nAlso avoid a UAF race during unregistering where the sysctl attributes\nwere usable after the info struct was freed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49925", url: "https://www.suse.com/security/cve/CVE-2024-49925", }, { category: "external", summary: "SUSE Bug 1232224 for CVE-2024-49925", url: "https://bugzilla.suse.com/1232224", }, { category: "external", summary: "SUSE Bug 1232225 for CVE-2024-49925", url: "https://bugzilla.suse.com/1232225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49925", }, { cve: "CVE-2024-49926", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49926", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()\n\nFor kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is\ndefined as NR_CPUS instead of the number of possible cpus, this\nwill cause the following system panic:\n\nsmpboot: Allowing 4 CPUs, 0 hotplug CPUs\n...\nsetup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:512 nr_node_ids:1\n...\nBUG: unable to handle page fault for address: ffffffff9911c8c8\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 0 PID: 15 Comm: rcu_tasks_trace Tainted: G W\n6.6.21 #1 5dc7acf91a5e8e9ac9dcfc35bee0245691283ea6\nRIP: 0010:rcu_tasks_need_gpcb+0x25d/0x2c0\nRSP: 0018:ffffa371c00a3e60 EFLAGS: 00010082\nCR2: ffffffff9911c8c8 CR3: 000000040fa20005 CR4: 00000000001706f0\nCall Trace:\n<TASK>\n? __die+0x23/0x80\n? page_fault_oops+0xa4/0x180\n? exc_page_fault+0x152/0x180\n? asm_exc_page_fault+0x26/0x40\n? rcu_tasks_need_gpcb+0x25d/0x2c0\n? __pfx_rcu_tasks_kthread+0x40/0x40\nrcu_tasks_one_gp+0x69/0x180\nrcu_tasks_kthread+0x94/0xc0\nkthread+0xe8/0x140\n? __pfx_kthread+0x40/0x40\nret_from_fork+0x34/0x80\n? __pfx_kthread+0x40/0x40\nret_from_fork_asm+0x1b/0x80\n</TASK>\n\nConsidering that there may be holes in the CPU numbers, use the\nmaximum possible cpu number, instead of nr_cpu_ids, for configuring\nenqueue and dequeue limits.\n\n[ neeraj.upadhyay: Fix htmldocs build error reported by Stephen Rothwell ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49926", url: "https://www.suse.com/security/cve/CVE-2024-49926", }, { category: "external", summary: "SUSE Bug 1232247 for CVE-2024-49926", url: "https://bugzilla.suse.com/1232247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49926", }, { cve: "CVE-2024-49927", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49927", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/ioapic: Handle allocation failures gracefully\n\nBreno observed panics when using failslab under certain conditions during\nruntime:\n\n can not alloc irq_pin_list (-1,0,20)\n Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can not proceed\n\n panic+0x4e9/0x590\n mp_irqdomain_alloc+0x9ab/0xa80\n irq_domain_alloc_irqs_locked+0x25d/0x8d0\n __irq_domain_alloc_irqs+0x80/0x110\n mp_map_pin_to_irq+0x645/0x890\n acpi_register_gsi_ioapic+0xe6/0x150\n hpet_open+0x313/0x480\n\nThat's a pointless panic which is a leftover of the historic IO/APIC code\nwhich panic'ed during early boot when the interrupt allocation failed.\n\nThe only place which might justify panic is the PIT/HPET timer_check() code\nwhich tries to figure out whether the timer interrupt is delivered through\nthe IO/APIC. But that code does not require to handle interrupt allocation\nfailures. If the interrupt cannot be allocated then timer delivery fails\nand it either panics due to that or falls back to legacy mode.\n\nCure this by removing the panic wrapper around __add_pin_to_irq_node() and\nmaking mp_irqdomain_alloc() aware of the failure condition and handle it as\nany other failure in this function gracefully.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49927", url: "https://www.suse.com/security/cve/CVE-2024-49927", }, { category: "external", summary: "SUSE Bug 1232249 for CVE-2024-49927", url: "https://bugzilla.suse.com/1232249", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49927", }, { cve: "CVE-2024-49928", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49928", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid reading out of bounds when loading TX power FW elements\n\nBecause the loop-expression will do one more time before getting false from\ncond-expression, the original code copied one more entry size beyond valid\nregion.\n\nFix it by moving the entry copy to loop-body.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49928", url: "https://www.suse.com/security/cve/CVE-2024-49928", }, { category: "external", summary: "SUSE Bug 1232250 for CVE-2024-49928", url: "https://bugzilla.suse.com/1232250", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49928", }, { cve: "CVE-2024-49929", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49929", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: avoid NULL pointer dereference\n\niwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta\npointer is not NULL.\nIt retrieves this pointer using iwl_mvm_sta_from_mac80211, which is\ndereferencing the ieee80211_sta pointer.\nIf sta is NULL, iwl_mvm_sta_from_mac80211 will dereference a NULL\npointer.\nFix this by checking the sta pointer before retrieving the mvmsta\nfrom it. If sta is not NULL, then mvmsta isn't either.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49929", url: "https://www.suse.com/security/cve/CVE-2024-49929", }, { category: "external", summary: "SUSE Bug 1232253 for CVE-2024-49929", url: "https://bugzilla.suse.com/1232253", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49929", }, { cve: "CVE-2024-49930", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49930", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix array out-of-bound access in SoC stats\n\nCurrently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a\nmaximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx()\nfunction access ath11k_soc_dp_stats::hal_reo_error using the REO\ndestination SRNG ring ID, which is incorrect. SRNG ring ID differ from\nnormal ring ID, and this usage leads to out-of-bounds array access. To fix\nthis issue, modify ath11k_dp_process_rx() to use the normal ring ID\ndirectly instead of the SRNG ring ID to avoid out-of-bounds array access.\n\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49930", url: "https://www.suse.com/security/cve/CVE-2024-49930", }, { category: "external", summary: "SUSE Bug 1232260 for CVE-2024-49930", url: "https://bugzilla.suse.com/1232260", }, { category: "external", summary: "SUSE Bug 1232261 for CVE-2024-49930", url: "https://bugzilla.suse.com/1232261", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49930", }, { cve: "CVE-2024-49931", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49931", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix array out-of-bound access in SoC stats\n\nCurrently, the ath12k_soc_dp_stats::hal_reo_error array is defined with a\nmaximum size of DP_REO_DST_RING_MAX. However, the ath12k_dp_rx_process()\nfunction access ath12k_soc_dp_stats::hal_reo_error using the REO\ndestination SRNG ring ID, which is incorrect. SRNG ring ID differ from\nnormal ring ID, and this usage leads to out-of-bounds array access. To\nfix this issue, modify ath12k_dp_rx_process() to use the normal ring ID\ndirectly instead of the SRNG ring ID to avoid out-of-bounds array access.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49931", url: "https://www.suse.com/security/cve/CVE-2024-49931", }, { category: "external", summary: "SUSE Bug 1232275 for CVE-2024-49931", url: "https://bugzilla.suse.com/1232275", }, { category: "external", summary: "SUSE Bug 1232277 for CVE-2024-49931", url: "https://bugzilla.suse.com/1232277", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49931", }, { cve: "CVE-2024-49932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49932", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don't readahead the relocation inode on RST\n\nOn relocation we're doing readahead on the relocation inode, but if the\nfilesystem is backed by a RAID stripe tree we can get ENOENT (e.g. due to\npreallocated extents not being mapped in the RST) from the lookup.\n\nBut readahead doesn't handle the error and submits invalid reads to the\ndevice, causing an assertion in the scatter-gather list code:\n\n BTRFS info (device nvme1n1): balance: start -d -m -s\n BTRFS info (device nvme1n1): relocating block group 6480920576 flags data|raid0\n BTRFS error (device nvme1n1): cannot find raid-stripe for logical [6481928192, 6481969152] devid 2, profile raid0\n ------------[ cut here ]------------\n kernel BUG at include/linux/scatterlist.h:115!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 PID: 1012 Comm: btrfs Not tainted 6.10.0-rc7+ #567\n RIP: 0010:__blk_rq_map_sg+0x339/0x4a0\n RSP: 0018:ffffc90001a43820 EFLAGS: 00010202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00045d4802\n RDX: 0000000117520000 RSI: 0000000000000000 RDI: ffff8881027d1000\n RBP: 0000000000003000 R08: ffffea00045d4902 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000001000 R12: ffff8881003d10b8\n R13: ffffc90001a438f0 R14: 0000000000000000 R15: 0000000000003000\n FS: 00007fcc048a6900(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000002cd11000 CR3: 00000001109ea001 CR4: 0000000000370eb0\n Call Trace:\n <TASK>\n ? __die_body.cold+0x14/0x25\n ? die+0x2e/0x50\n ? do_trap+0xca/0x110\n ? do_error_trap+0x65/0x80\n ? __blk_rq_map_sg+0x339/0x4a0\n ? exc_invalid_op+0x50/0x70\n ? __blk_rq_map_sg+0x339/0x4a0\n ? asm_exc_invalid_op+0x1a/0x20\n ? __blk_rq_map_sg+0x339/0x4a0\n nvme_prep_rq.part.0+0x9d/0x770\n nvme_queue_rq+0x7d/0x1e0\n __blk_mq_issue_directly+0x2a/0x90\n ? blk_mq_get_budget_and_tag+0x61/0x90\n blk_mq_try_issue_list_directly+0x56/0xf0\n blk_mq_flush_plug_list.part.0+0x52b/0x5d0\n __blk_flush_plug+0xc6/0x110\n blk_finish_plug+0x28/0x40\n read_pages+0x160/0x1c0\n page_cache_ra_unbounded+0x109/0x180\n relocate_file_extent_cluster+0x611/0x6a0\n ? btrfs_search_slot+0xba4/0xd20\n ? balance_dirty_pages_ratelimited_flags+0x26/0xb00\n relocate_data_extent.constprop.0+0x134/0x160\n relocate_block_group+0x3f2/0x500\n btrfs_relocate_block_group+0x250/0x430\n btrfs_relocate_chunk+0x3f/0x130\n btrfs_balance+0x71b/0xef0\n ? kmalloc_trace_noprof+0x13b/0x280\n btrfs_ioctl+0x2c2e/0x3030\n ? kvfree_call_rcu+0x1e6/0x340\n ? list_lru_add_obj+0x66/0x80\n ? mntput_no_expire+0x3a/0x220\n __x64_sys_ioctl+0x96/0xc0\n do_syscall_64+0x54/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7fcc04514f9b\n Code: Unable to access opcode bytes at 0x7fcc04514f71.\n RSP: 002b:00007ffeba923370 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fcc04514f9b\n RDX: 00007ffeba923460 RSI: 00000000c4009420 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000013 R09: 0000000000000001\n R10: 00007fcc043fbba8 R11: 0000000000000246 R12: 00007ffeba924fc5\n R13: 00007ffeba923460 R14: 0000000000000002 R15: 00000000004d4bb0\n </TASK>\n Modules linked in:\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:__blk_rq_map_sg+0x339/0x4a0\n RSP: 0018:ffffc90001a43820 EFLAGS: 00010202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00045d4802\n RDX: 0000000117520000 RSI: 0000000000000000 RDI: ffff8881027d1000\n RBP: 0000000000003000 R08: ffffea00045d4902 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000001000 R12: ffff8881003d10b8\n R13: ffffc90001a438f0 R14: 0000000000000000 R15: 0000000000003000\n FS: 00007fcc048a6900(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fcc04514f71 CR3: 00000001109ea001 CR4: 0000000000370eb0\n Kernel p\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49932", url: "https://www.suse.com/security/cve/CVE-2024-49932", }, { category: "external", summary: "SUSE Bug 1232376 for CVE-2024-49932", url: "https://bugzilla.suse.com/1232376", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49932", }, { cve: "CVE-2024-49933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49933", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblk_iocost: fix more out of bound shifts\n\nRecently running UBSAN caught few out of bound shifts in the\nioc_forgive_debts() function:\n\nUBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38\nshift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long\nlong')\n...\nUBSAN: shift-out-of-bounds in block/blk-iocost.c:2144:30\nshift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long\nlong')\n...\nCall Trace:\n<IRQ>\ndump_stack_lvl+0xca/0x130\n__ubsan_handle_shift_out_of_bounds+0x22c/0x280\n? __lock_acquire+0x6441/0x7c10\nioc_timer_fn+0x6cec/0x7750\n? blk_iocost_init+0x720/0x720\n? call_timer_fn+0x5d/0x470\ncall_timer_fn+0xfa/0x470\n? blk_iocost_init+0x720/0x720\n__run_timer_base+0x519/0x700\n...\n\nActual impact of this issue was not identified but I propose to fix the\nundefined behaviour.\nThe proposed fix to prevent those out of bound shifts consist of\nprecalculating exponent before using it the shift operations by taking\nmin value from the actual exponent and maximum possible number of bits.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49933", url: "https://www.suse.com/security/cve/CVE-2024-49933", }, { category: "external", summary: "SUSE Bug 1232368 for CVE-2024-49933", url: "https://bugzilla.suse.com/1232368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49933", }, { cve: "CVE-2024-49934", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49934", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name\n\nIt's observed that a crash occurs during hot-remove a memory device,\nin which user is accessing the hugetlb. See calltrace as following:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 14045 at arch/x86/mm/fault.c:1278 do_user_addr_fault+0x2a0/0x790\nModules linked in: kmem device_dax cxl_mem cxl_pmem cxl_port cxl_pci dax_hmem dax_pmem nd_pmem cxl_acpi nd_btt cxl_core crc32c_intel nvme virtiofs fuse nvme_core nfit libnvdimm dm_multipath scsi_dh_rdac scsi_dh_emc s\nmirror dm_region_hash dm_log dm_mod\nCPU: 1 PID: 14045 Comm: daxctl Not tainted 6.10.0-rc2-lizhijian+ #492\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:do_user_addr_fault+0x2a0/0x790\nCode: 48 8b 00 a8 04 0f 84 b5 fe ff ff e9 1c ff ff ff 4c 89 e9 4c 89 e2 be 01 00 00 00 bf 02 00 00 00 e8 b5 ef 24 00 e9 42 fe ff ff <0f> 0b 48 83 c4 08 4c 89 ea 48 89 ee 4c 89 e7 5b 5d 41 5c 41 5d 41\nRSP: 0000:ffffc90000a575f0 EFLAGS: 00010046\nRAX: ffff88800c303600 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000001000 RSI: ffffffff82504162 RDI: ffffffff824b2c36\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffc90000a57658\nR13: 0000000000001000 R14: ffff88800bc2e040 R15: 0000000000000000\nFS: 00007f51cb57d880(0000) GS:ffff88807fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000001000 CR3: 00000000072e2004 CR4: 00000000001706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n ? __warn+0x8d/0x190\n ? do_user_addr_fault+0x2a0/0x790\n ? report_bug+0x1c3/0x1d0\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? do_user_addr_fault+0x2a0/0x790\n ? exc_page_fault+0x31/0x200\n exc_page_fault+0x68/0x200\n<...snip...>\nBUG: unable to handle page fault for address: 0000000000001000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n ---[ end trace 0000000000000000 ]---\n BUG: unable to handle page fault for address: 0000000000001000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 14045 Comm: daxctl Kdump: loaded Tainted: G W 6.10.0-rc2-lizhijian+ #492\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n RIP: 0010:dentry_name+0x1f4/0x440\n<...snip...>\n? dentry_name+0x2fa/0x440\nvsnprintf+0x1f3/0x4f0\nvprintk_store+0x23a/0x540\nvprintk_emit+0x6d/0x330\n_printk+0x58/0x80\ndump_mapping+0x10b/0x1a0\n? __pfx_free_object_rcu+0x10/0x10\n__dump_page+0x26b/0x3e0\n? vprintk_emit+0xe0/0x330\n? _printk+0x58/0x80\n? dump_page+0x17/0x50\ndump_page+0x17/0x50\ndo_migrate_range+0x2f7/0x7f0\n? do_migrate_range+0x42/0x7f0\n? offline_pages+0x2f4/0x8c0\noffline_pages+0x60a/0x8c0\nmemory_subsys_offline+0x9f/0x1c0\n? lockdep_hardirqs_on+0x77/0x100\n? _raw_spin_unlock_irqrestore+0x38/0x60\ndevice_offline+0xe3/0x110\nstate_store+0x6e/0xc0\nkernfs_fop_write_iter+0x143/0x200\nvfs_write+0x39f/0x560\nksys_write+0x65/0xf0\ndo_syscall_64+0x62/0x130\n\nPreviously, some sanity check have been done in dump_mapping() before\nthe print facility parsing '%pd' though, it's still possible to run into\nan invalid dentry.d_name.name.\n\nSince dump_mapping() only needs to dump the filename only, retrieve it\nby itself in a safer way to prevent an unnecessary crash.\n\nNote that either retrieving the filename with '%pd' or\nstrncpy_from_kernel_nofault(), the filename could be unreliable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49934", url: "https://www.suse.com/security/cve/CVE-2024-49934", }, { category: "external", summary: "SUSE Bug 1232387 for CVE-2024-49934", url: "https://bugzilla.suse.com/1232387", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49934", }, { cve: "CVE-2024-49935", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49935", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: PAD: fix crash in exit_round_robin()\n\nThe kernel occasionally crashes in cpumask_clear_cpu(), which is called\nwithin exit_round_robin(), because when executing clear_bit(nr, addr) with\nnr set to 0xffffffff, the address calculation may cause misalignment within\nthe memory, leading to access to an invalid memory address.\n\n----------\nBUG: unable to handle kernel paging request at ffffffffe0740618\n ...\nCPU: 3 PID: 2919323 Comm: acpi_pad/14 Kdump: loaded Tainted: G OE X --------- - - 4.18.0-425.19.2.el8_7.x86_64 #1\n ...\nRIP: 0010:power_saving_thread+0x313/0x411 [acpi_pad]\nCode: 89 cd 48 89 d3 eb d1 48 c7 c7 55 70 72 c0 e8 64 86 b0 e4 c6 05 0d a1 02 00 01 e9 bc fd ff ff 45 89 e4 42 8b 04 a5 20 82 72 c0 <f0> 48 0f b3 05 f4 9c 01 00 42 c7 04 a5 20 82 72 c0 ff ff ff ff 31\nRSP: 0018:ff72a5d51fa77ec8 EFLAGS: 00010202\nRAX: 00000000ffffffff RBX: ff462981e5d8cb80 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\nRBP: ff46297556959d80 R08: 0000000000000382 R09: ff46297c8d0f38d8\nR10: 0000000000000000 R11: 0000000000000001 R12: 000000000000000e\nR13: 0000000000000000 R14: ffffffffffffffff R15: 000000000000000e\nFS: 0000000000000000(0000) GS:ff46297a800c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffe0740618 CR3: 0000007e20410004 CR4: 0000000000771ee0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n ? acpi_pad_add+0x120/0x120 [acpi_pad]\n kthread+0x10b/0x130\n ? set_kthread_struct+0x50/0x50\n ret_from_fork+0x1f/0x40\n ...\nCR2: ffffffffe0740618\n\ncrash> dis -lr ffffffffc0726923\n ...\n/usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./include/linux/cpumask.h: 114\n0xffffffffc0726918 <power_saving_thread+776>:\tmov %r12d,%r12d\n/usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./include/linux/cpumask.h: 325\n0xffffffffc072691b <power_saving_thread+779>:\tmov -0x3f8d7de0(,%r12,4),%eax\n/usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./arch/x86/include/asm/bitops.h: 80\n0xffffffffc0726923 <power_saving_thread+787>:\tlock btr %rax,0x19cf4(%rip) # 0xffffffffc0740620 <pad_busy_cpus_bits>\n\ncrash> px tsk_in_cpu[14]\n$66 = 0xffffffff\n\ncrash> px 0xffffffffc072692c+0x19cf4\n$99 = 0xffffffffc0740620\n\ncrash> sym 0xffffffffc0740620\nffffffffc0740620 (b) pad_busy_cpus_bits [acpi_pad]\n\ncrash> px pad_busy_cpus_bits[0]\n$42 = 0xfffc0\n----------\n\nTo fix this, ensure that tsk_in_cpu[tsk_index] != -1 before calling\ncpumask_clear_cpu() in exit_round_robin(), just as it is done in\nround_robin_cpu().\n\n[ rjw: Subject edit, avoid updates to the same value ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49935", url: "https://www.suse.com/security/cve/CVE-2024-49935", }, { category: "external", summary: "SUSE Bug 1232370 for CVE-2024-49935", url: "https://bugzilla.suse.com/1232370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49935", }, { cve: "CVE-2024-49936", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49936", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/xen-netback: prevent UAF in xenvif_flush_hash()\n\nDuring the list_for_each_entry_rcu iteration call of xenvif_flush_hash,\nkfree_rcu does not exist inside the rcu read critical section, so if\nkfree_rcu is called when the rcu grace period ends during the iteration,\nUAF occurs when accessing head->next after the entry becomes free.\n\nTherefore, to solve this, you need to change it to list_for_each_entry_safe.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49936", url: "https://www.suse.com/security/cve/CVE-2024-49936", }, { category: "external", summary: "SUSE Bug 1232424 for CVE-2024-49936", url: "https://bugzilla.suse.com/1232424", }, { category: "external", summary: "SUSE Bug 1232426 for CVE-2024-49936", url: "https://bugzilla.suse.com/1232426", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49936", }, { cve: "CVE-2024-49937", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49937", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Set correct chandef when starting CAC\n\nWhen starting CAC in a mode other than AP mode, it return a\n\"WARNING: CPU: 0 PID: 63 at cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\"\ncaused by the chandef.chan being null at the end of CAC.\n\nSolution: Ensure the channel definition is set for the different modes\nwhen starting CAC to avoid getting a NULL 'chan' at the end of CAC.\n\n Call Trace:\n ? show_regs.part.0+0x14/0x16\n ? __warn+0x67/0xc0\n ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\n ? report_bug+0xa7/0x130\n ? exc_overflow+0x30/0x30\n ? handle_bug+0x27/0x50\n ? exc_invalid_op+0x18/0x60\n ? handle_exception+0xf6/0xf6\n ? exc_overflow+0x30/0x30\n ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\n ? exc_overflow+0x30/0x30\n ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\n ? regulatory_propagate_dfs_state.cold+0x1b/0x4c [cfg80211]\n ? cfg80211_propagate_cac_done_wk+0x1a/0x30 [cfg80211]\n ? process_one_work+0x165/0x280\n ? worker_thread+0x120/0x3f0\n ? kthread+0xc2/0xf0\n ? process_one_work+0x280/0x280\n ? kthread_complete_and_exit+0x20/0x20\n ? ret_from_fork+0x19/0x24\n\n[shorten subject, remove OCB, reorder cases to match previous list]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49937", url: "https://www.suse.com/security/cve/CVE-2024-49937", }, { category: "external", summary: "SUSE Bug 1232427 for CVE-2024-49937", url: "https://bugzilla.suse.com/1232427", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49937", }, { cve: "CVE-2024-49938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49938", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n\nSyzbot points out that skb_trim() has a sanity check on the existing length of\nthe skb, which can be uninitialised in some error paths. The intent here is\nclearly just to reset the length to zero before resubmitting, so switch to\ncalling __skb_set_length(skb, 0) directly. In addition, __skb_set_length()\nalready contains a call to skb_reset_tail_pointer(), so remove the redundant\ncall.\n\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there's a similar\nusage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we're at it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49938", url: "https://www.suse.com/security/cve/CVE-2024-49938", }, { category: "external", summary: "SUSE Bug 1232552 for CVE-2024-49938", url: "https://bugzilla.suse.com/1232552", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49938", }, { cve: "CVE-2024-49939", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49939", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid to add interface to list twice when SER\n\nIf SER L2 occurs during the WoWLAN resume flow, the add interface flow\nis triggered by ieee80211_reconfig(). However, due to\nrtw89_wow_resume() return failure, it will cause the add interface flow\nto be executed again, resulting in a double add list and causing a kernel\npanic. Therefore, we have added a check to prevent double adding of the\nlist.\n\nlist_add double add: new=ffff99d6992e2010, prev=ffff99d6992e2010, next=ffff99d695302628.\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:37!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 9 Comm: kworker/0:1 Tainted: G W O 6.6.30-02659-gc18865c4dfbd #1 770df2933251a0e3c888ba69d1053a817a6376a7\nHardware name: HP Grunt/Grunt, BIOS Google_Grunt.11031.169.0 06/24/2021\nWorkqueue: events_freezable ieee80211_restart_work [mac80211]\nRIP: 0010:__list_add_valid_or_report+0x5e/0xb0\nCode: c7 74 18 48 39 ce 74 13 b0 01 59 5a 5e 5f 41 58 41 59 41 5a 5d e9 e2 d6 03 00 cc 48 c7 c7 8d 4f 17 83 48 89 c2 e8 02 c0 00 00 <0f> 0b 48 c7 c7 aa 8c 1c 83 e8 f4 bf 00 00 0f 0b 48 c7 c7 c8 bc 12\nRSP: 0018:ffffa91b8007bc50 EFLAGS: 00010246\nRAX: 0000000000000058 RBX: ffff99d6992e0900 RCX: a014d76c70ef3900\nRDX: ffffa91b8007bae8 RSI: 00000000ffffdfff RDI: 0000000000000001\nRBP: ffffa91b8007bc88 R08: 0000000000000000 R09: ffffa91b8007bae0\nR10: 00000000ffffdfff R11: ffffffff83a79800 R12: ffff99d695302060\nR13: ffff99d695300900 R14: ffff99d6992e1be0 R15: ffff99d6992e2010\nFS: 0000000000000000(0000) GS:ffff99d6aac00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000078fbdba43480 CR3: 000000010e464000 CR4: 00000000001506f0\nCall Trace:\n <TASK>\n ? __die_body+0x1f/0x70\n ? die+0x3d/0x60\n ? do_trap+0xa4/0x110\n ? __list_add_valid_or_report+0x5e/0xb0\n ? do_error_trap+0x6d/0x90\n ? __list_add_valid_or_report+0x5e/0xb0\n ? handle_invalid_op+0x30/0x40\n ? __list_add_valid_or_report+0x5e/0xb0\n ? exc_invalid_op+0x3c/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_add_valid_or_report+0x5e/0xb0\n rtw89_ops_add_interface+0x309/0x310 [rtw89_core 7c32b1ee6854761c0321027c8a58c5160e41f48f]\n drv_add_interface+0x5c/0x130 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc]\n ieee80211_reconfig+0x241/0x13d0 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc]\n ? finish_wait+0x3e/0x90\n ? synchronize_rcu_expedited+0x174/0x260\n ? sync_rcu_exp_done_unlocked+0x50/0x50\n ? wake_bit_function+0x40/0x40\n ieee80211_restart_work+0xf0/0x140 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc]\n process_scheduled_works+0x1e5/0x480\n worker_thread+0xea/0x1e0\n kthread+0xdb/0x110\n ? move_linked_works+0x90/0x90\n ? kthread_associate_blkcg+0xa0/0xa0\n ret_from_fork+0x3b/0x50\n ? kthread_associate_blkcg+0xa0/0xa0\n ret_from_fork_asm+0x11/0x20\n </TASK>\nModules linked in: dm_integrity async_xor xor async_tx lz4 lz4_compress zstd zstd_compress zram zsmalloc rfcomm cmac uinput algif_hash algif_skcipher af_alg btusb btrtl iio_trig_hrtimer industrialio_sw_trigger btmtk industrialio_configfs btbcm btintel uvcvideo videobuf2_vmalloc iio_trig_sysfs videobuf2_memops videobuf2_v4l2 videobuf2_common uvc snd_hda_codec_hdmi veth snd_hda_intel snd_intel_dspcfg acpi_als snd_hda_codec industrialio_triggered_buffer kfifo_buf snd_hwdep industrialio i2c_piix4 snd_hda_core designware_i2s ip6table_nat snd_soc_max98357a xt_MASQUERADE xt_cgroup snd_soc_acp_rt5682_mach fuse rtw89_8922ae(O) rtw89_8922a(O) rtw89_pci(O) rtw89_core(O) 8021q mac80211(O) bluetooth ecdh_generic ecc cfg80211 r8152 mii joydev\ngsmi: Log Shutdown Reason 0x03\n---[ end trace 0000000000000000 ]---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49939", url: "https://www.suse.com/security/cve/CVE-2024-49939", }, { category: "external", summary: "SUSE Bug 1232381 for CVE-2024-49939", url: "https://bugzilla.suse.com/1232381", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49939", }, { cve: "CVE-2024-49940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49940", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session->tunnel is non-NULL. However, session->tunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession->tunnel is non-NULL when the tunnel refcount hasn't been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession->tunnel to get the tunnel's encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session->tunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn't yet have session->tunnel set. Add a check for\nthis case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49940", url: "https://www.suse.com/security/cve/CVE-2024-49940", }, { category: "external", summary: "SUSE Bug 1232812 for CVE-2024-49940", url: "https://bugzilla.suse.com/1232812", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49940", }, { cve: "CVE-2024-49941", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49941", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: Fix potential NULL pointer dereference in gpiod_get_label()\n\nIn `gpiod_get_label()`, it is possible that `srcu_dereference_check()` may\nreturn a NULL pointer, leading to a scenario where `label->str` is accessed\nwithout verifying if `label` itself is NULL.\n\nThis patch adds a proper NULL check for `label` before accessing\n`label->str`. The check for `label->str != NULL` is removed because\n`label->str` can never be NULL if `label` is not NULL.\n\nThis fixes the issue where the label name was being printed as `(efault)`\nwhen dumping the sysfs GPIO file when `label == NULL`.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49941", url: "https://www.suse.com/security/cve/CVE-2024-49941", }, { category: "external", summary: "SUSE Bug 1232169 for CVE-2024-49941", url: "https://bugzilla.suse.com/1232169", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49941", }, { cve: "CVE-2024-49942", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49942", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Prevent null pointer access in xe_migrate_copy\n\nxe_migrate_copy designed to copy content of TTM resources. When source\nresource is null, it will trigger a NULL pointer dereference in\nxe_migrate_copy. To avoid this situation, update lacks source flag to\ntrue for this case, the flag will trigger xe_migrate_clear rather than\nxe_migrate_copy.\n\nIssue trace:\n<7> [317.089847] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Pass 14,\n sizes: 4194304 & 4194304\n<7> [317.089945] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Pass 15,\n sizes: 4194304 & 4194304\n<1> [317.128055] BUG: kernel NULL pointer dereference, address:\n 0000000000000010\n<1> [317.128064] #PF: supervisor read access in kernel mode\n<1> [317.128066] #PF: error_code(0x0000) - not-present page\n<6> [317.128069] PGD 0 P4D 0\n<4> [317.128071] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n<4> [317.128074] CPU: 1 UID: 0 PID: 1440 Comm: kunit_try_catch Tainted:\n G U N 6.11.0-rc7-xe #1\n<4> [317.128078] Tainted: [U]=USER, [N]=TEST\n<4> [317.128080] Hardware name: Intel Corporation Lunar Lake Client\n Platform/LNL-M LP5 RVP1, BIOS LNLMFWI1.R00.3221.D80.2407291239 07/29/2024\n<4> [317.128082] RIP: 0010:xe_migrate_copy+0x66/0x13e0 [xe]\n<4> [317.128158] Code: 00 00 48 89 8d e0 fe ff ff 48 8b 40 10 4c 89 85 c8\n fe ff ff 44 88 8d bd fe ff ff 65 48 8b 3c 25 28 00 00 00 48 89 7d d0 31\n ff <8b> 79 10 48 89 85 a0 fe ff ff 48 8b 00 48 89 b5 d8 fe ff ff 83 ff\n<4> [317.128162] RSP: 0018:ffffc9000167f9f0 EFLAGS: 00010246\n<4> [317.128164] RAX: ffff8881120d8028 RBX: ffff88814d070428 RCX:\n 0000000000000000\n<4> [317.128166] RDX: ffff88813cb99c00 RSI: 0000000004000000 RDI:\n 0000000000000000\n<4> [317.128168] RBP: ffffc9000167fbb8 R08: ffff88814e7b1f08 R09:\n 0000000000000001\n<4> [317.128170] R10: 0000000000000001 R11: 0000000000000001 R12:\n ffff88814e7b1f08\n<4> [317.128172] R13: ffff88814e7b1f08 R14: ffff88813cb99c00 R15:\n 0000000000000001\n<4> [317.128174] FS: 0000000000000000(0000) GS:ffff88846f280000(0000)\n knlGS:0000000000000000\n<4> [317.128176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n<4> [317.128178] CR2: 0000000000000010 CR3: 000000011f676004 CR4:\n 0000000000770ef0\n<4> [317.128180] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n 0000000000000000\n<4> [317.128182] DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7:\n 0000000000000400\n<4> [317.128184] PKRU: 55555554\n<4> [317.128185] Call Trace:\n<4> [317.128187] <TASK>\n<4> [317.128189] ? show_regs+0x67/0x70\n<4> [317.128194] ? __die_body+0x20/0x70\n<4> [317.128196] ? __die+0x2b/0x40\n<4> [317.128198] ? page_fault_oops+0x15f/0x4e0\n<4> [317.128203] ? do_user_addr_fault+0x3fb/0x970\n<4> [317.128205] ? lock_acquire+0xc7/0x2e0\n<4> [317.128209] ? exc_page_fault+0x87/0x2b0\n<4> [317.128212] ? asm_exc_page_fault+0x27/0x30\n<4> [317.128216] ? xe_migrate_copy+0x66/0x13e0 [xe]\n<4> [317.128263] ? __lock_acquire+0xb9d/0x26f0\n<4> [317.128265] ? __lock_acquire+0xb9d/0x26f0\n<4> [317.128267] ? sg_free_append_table+0x20/0x80\n<4> [317.128271] ? lock_acquire+0xc7/0x2e0\n<4> [317.128273] ? mark_held_locks+0x4d/0x80\n<4> [317.128275] ? trace_hardirqs_on+0x1e/0xd0\n<4> [317.128278] ? _raw_spin_unlock_irqrestore+0x31/0x60\n<4> [317.128281] ? __pm_runtime_resume+0x60/0xa0\n<4> [317.128284] xe_bo_move+0x682/0xc50 [xe]\n<4> [317.128315] ? lock_is_held_type+0xaa/0x120\n<4> [317.128318] ttm_bo_handle_move_mem+0xe5/0x1a0 [ttm]\n<4> [317.128324] ttm_bo_validate+0xd1/0x1a0 [ttm]\n<4> [317.128328] shrink_test_run_device+0x721/0xc10 [xe]\n<4> [317.128360] ? find_held_lock+0x31/0x90\n<4> [317.128363] ? lock_release+0xd1/0x2a0\n<4> [317.128365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10\n [kunit]\n<4> [317.128370] xe_bo_shrink_kunit+0x11/0x20 [xe]\n<4> [317.128397] kunit_try_run_case+0x6e/0x150 [kunit]\n<4> [317.128400] ? trace_hardirqs_on+0x1e/0xd0\n<4> [317.128402] ? _raw_spin_unlock_irqrestore+0x31/0x60\n<4> [317.128404] kunit_generic_run_threadfn_adapter+0x1e/0x40 [ku\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49942", url: "https://www.suse.com/security/cve/CVE-2024-49942", }, { category: "external", summary: "SUSE Bug 1232168 for CVE-2024-49942", url: "https://bugzilla.suse.com/1232168", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49942", }, { cve: "CVE-2024-49943", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49943", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/guc_submit: add missing locking in wedged_fini\n\nAny non-wedged queue can have a zero refcount here and can be running\nconcurrently with an async queue destroy, therefore dereferencing the\nqueue ptr to check wedge status after the lookup can trigger UAF if\nqueue is not wedged. Fix this by keeping the submission_state lock held\naround the check to postpone the free and make the check safe, before\ndropping again around the put() to avoid the deadlock.\n\n(cherry picked from commit d28af0b6b9580b9f90c265a7da0315b0ad20bbfd)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49943", url: "https://www.suse.com/security/cve/CVE-2024-49943", }, { category: "external", summary: "SUSE Bug 1232167 for CVE-2024-49943", url: "https://bugzilla.suse.com/1232167", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49943", }, { cve: "CVE-2024-49944", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49944", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start\n\nIn sctp_listen_start() invoked by sctp_inet_listen(), it should set the\nsk_state back to CLOSED if sctp_autobind() fails due to whatever reason.\n\nOtherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)->reuse\nis already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)->bind_hash will\nbe dereferenced as sk_state is LISTENING, which causes a crash as bind_hash\nis NULL.\n\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:sctp_inet_listen+0x7f0/0xa20 net/sctp/socket.c:8617\n Call Trace:\n <TASK>\n __sys_listen_socket net/socket.c:1883 [inline]\n __sys_listen+0x1b7/0x230 net/socket.c:1894\n __do_sys_listen net/socket.c:1902 [inline]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49944", url: "https://www.suse.com/security/cve/CVE-2024-49944", }, { category: "external", summary: "SUSE Bug 1232166 for CVE-2024-49944", url: "https://bugzilla.suse.com/1232166", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49944", }, { cve: "CVE-2024-49945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49945", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ncsi: Disable the ncsi work before freeing the associated structure\n\nThe work function can run after the ncsi device is freed, resulting\nin use-after-free bugs or kernel panic.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49945", url: "https://www.suse.com/security/cve/CVE-2024-49945", }, { category: "external", summary: "SUSE Bug 1232165 for CVE-2024-49945", url: "https://bugzilla.suse.com/1232165", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49945", }, { cve: "CVE-2024-49946", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49946", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: do not assume bh is held in ppp_channel_bridge_input()\n\nNetworking receive path is usually handled from BH handler.\nHowever, some protocols need to acquire the socket lock, and\npackets might be stored in the socket backlog is the socket was\nowned by a user process.\n\nIn this case, release_sock(), __release_sock(), and sk_backlog_rcv()\nmight call the sk->sk_backlog_rcv() handler in process context.\n\nsybot caught ppp was not considering this case in\nppp_channel_bridge_input() :\n\nWARNING: inconsistent lock state\n6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted\n--------------------------------\ninconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.\nksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes:\n ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline]\n ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline]\n ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_input+0x16c/0x854 drivers/net/ppp/ppp_generic.c:2304\n{SOFTIRQ-ON-W} state was registered at:\n lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759\n __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]\n _raw_spin_lock+0x48/0x60 kernel/locking/spinlock.c:154\n spin_lock include/linux/spinlock.h:351 [inline]\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline]\n ppp_input+0x16c/0x854 drivers/net/ppp/ppp_generic.c:2304\n pppoe_rcv_core+0xfc/0x314 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv include/net/sock.h:1111 [inline]\n __release_sock+0x1a8/0x3d8 net/core/sock.c:3004\n release_sock+0x68/0x1b8 net/core/sock.c:3558\n pppoe_sendmsg+0xc8/0x5d8 drivers/net/ppp/pppoe.c:903\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x374/0x4f4 net/socket.c:2204\n __do_sys_sendto net/socket.c:2216 [inline]\n __se_sys_sendto net/socket.c:2212 [inline]\n __arm64_sys_sendto+0xd8/0xf8 net/socket.c:2212\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\nirq event stamp: 282914\n hardirqs last enabled at (282914): [<ffff80008b42e30c>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]\n hardirqs last enabled at (282914): [<ffff80008b42e30c>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194\n hardirqs last disabled at (282913): [<ffff80008b42e13c>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]\n hardirqs last disabled at (282913): [<ffff80008b42e13c>] _raw_spin_lock_irqsave+0x2c/0x7c kernel/locking/spinlock.c:162\n softirqs last enabled at (282904): [<ffff8000801f8e88>] softirq_handle_end kernel/softirq.c:400 [inline]\n softirqs last enabled at (282904): [<ffff8000801f8e88>] handle_softirqs+0xa3c/0xbfc kernel/softirq.c:582\n softirqs last disabled at (282909): [<ffff8000801fbdf8>] run_ksoftirqd+0x70/0x158 kernel/softirq.c:928\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&pch->downl);\n <Interrupt>\n lock(&pch->downl);\n\n *** DEADLOCK ***\n\n1 lock held by ksoftirqd/1/24:\n #0: ffff80008f74dfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c include/linux/rcupdate.h:325\n\nstack backtrace:\nCPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall trace:\n dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:319\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:326\n __dump_sta\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49946", url: "https://www.suse.com/security/cve/CVE-2024-49946", }, { category: "external", summary: "SUSE Bug 1232164 for CVE-2024-49946", url: "https://bugzilla.suse.com/1232164", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49946", }, { cve: "CVE-2024-49947", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49947", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: test for not too small csum_start in virtio_net_hdr_to_skb()\n\nsyzbot was able to trigger this warning [1], after injecting a\nmalicious packet through af_packet, setting skb->csum_start and thus\nthe transport header to an incorrect value.\n\nWe can at least make sure the transport header is after\nthe end of the network header (with a estimated minimal size).\n\n[1]\n[ 67.873027] skb len=4096 headroom=16 headlen=14 tailroom=0\nmac=(-1,-1) mac_len=0 net=(16,-6) trans=10\nshinfo(txflags=0 nr_frags=1 gso(size=0 type=0 segs=0))\ncsum(0xa start=10 offset=0 ip_summed=3 complete_sw=0 valid=0 level=0)\nhash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0\npriority=0x0 mark=0x0 alloc_cpu=10 vlan_all=0x0\nencapsulation=0 inner(proto=0x0000, mac=0, net=0, trans=0)\n[ 67.877172] dev name=veth0_vlan feat=0x000061164fdd09e9\n[ 67.877764] sk family=17 type=3 proto=0\n[ 67.878279] skb linear: 00000000: 00 00 10 00 00 00 00 00 0f 00 00 00 08 00\n[ 67.879128] skb frag: 00000000: 0e 00 07 00 00 00 28 00 08 80 1c 00 04 00 00 02\n[ 67.879877] skb frag: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.880647] skb frag: 00000020: 00 00 02 00 00 00 08 00 1b 00 00 00 00 00 00 00\n[ 67.881156] skb frag: 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.881753] skb frag: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.882173] skb frag: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.882790] skb frag: 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.883171] skb frag: 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.883733] skb frag: 00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.884206] skb frag: 00000090: 00 00 00 00 00 00 00 00 00 00 69 70 76 6c 61 6e\n[ 67.884704] skb frag: 000000a0: 31 00 00 00 00 00 00 00 00 00 2b 00 00 00 00 00\n[ 67.885139] skb frag: 000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.885677] skb frag: 000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.886042] skb frag: 000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.886408] skb frag: 000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.887020] skb frag: 000000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.887384] skb frag: 00000100: 00 00\n[ 67.887878] ------------[ cut here ]------------\n[ 67.887908] offset (-6) >= skb_headlen() (14)\n[ 67.888445] WARNING: CPU: 10 PID: 2088 at net/core/dev.c:3332 skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.889353] Modules linked in: macsec macvtap macvlan hsr wireguard curve25519_x86_64 libcurve25519_generic libchacha20poly1305 chacha_x86_64 libchacha poly1305_x86_64 dummy bridge sr_mod cdrom evdev pcspkr i2c_piix4 9pnet_virtio 9p 9pnet netfs\n[ 67.890111] CPU: 10 UID: 0 PID: 2088 Comm: b363492833 Not tainted 6.11.0-virtme #1011\n[ 67.890183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 67.890309] RIP: 0010:skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891043] Call Trace:\n[ 67.891173] <TASK>\n[ 67.891274] ? __warn (kernel/panic.c:741)\n[ 67.891320] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891333] ? report_bug (lib/bug.c:180 lib/bug.c:219)\n[ 67.891348] ? handle_bug (arch/x86/kernel/traps.c:239)\n[ 67.891363] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n[ 67.891372] ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n[ 67.891388] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891399] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891416] ip_do_fragment (net/ipv4/ip_output.c:777 (discriminator 1))\n[ 67.891448] ? __ip_local_out (./include/linux/skbuff.h:1146 ./include/net/l3mdev.h:196 ./include/net/l3mdev.h:213 ne\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49947", url: "https://www.suse.com/security/cve/CVE-2024-49947", }, { category: "external", summary: "SUSE Bug 1232162 for CVE-2024-49947", url: "https://bugzilla.suse.com/1232162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49947", }, { cve: "CVE-2024-49948", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49948", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: add more sanity checks to qdisc_pkt_len_init()\n\nOne path takes care of SKB_GSO_DODGY, assuming\nskb->len is bigger than hdr_len.\n\nvirtio_net_hdr_to_skb() does not fully dissect TCP headers,\nit only make sure it is at least 20 bytes.\n\nIt is possible for an user to provide a malicious 'GSO' packet,\ntotal length of 80 bytes.\n\n- 20 bytes of IPv4 header\n- 60 bytes TCP header\n- a small gso_size like 8\n\nvirtio_net_hdr_to_skb() would declare this packet as a normal\nGSO packet, because it would see 40 bytes of payload,\nbigger than gso_size.\n\nWe need to make detect this case to not underflow\nqdisc_skb_cb(skb)->pkt_len.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49948", url: "https://www.suse.com/security/cve/CVE-2024-49948", }, { category: "external", summary: "SUSE Bug 1232161 for CVE-2024-49948", url: "https://bugzilla.suse.com/1232161", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49948", }, { cve: "CVE-2024-49949", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49949", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential underflow in qdisc_pkt_len_init() with UFO\n\nAfter commit 7c6d2ecbda83 (\"net: be more gentle about silly gso\nrequests coming from user\") virtio_net_hdr_to_skb() had sanity check\nto detect malicious attempts from user space to cook a bad GSO packet.\n\nThen commit cf9acc90c80ec (\"net: virtio_net_hdr_to_skb: count\ntransport header in UFO\") while fixing one issue, allowed user space\nto cook a GSO packet with the following characteristic :\n\nIPv4 SKB_GSO_UDP, gso_size=3, skb->len = 28.\n\nWhen this packet arrives in qdisc_pkt_len_init(), we end up\nwith hdr_len = 28 (IPv4 header + UDP header), matching skb->len\n\nThen the following sets gso_segs to 0 :\n\ngso_segs = DIV_ROUND_UP(skb->len - hdr_len,\n shinfo->gso_size);\n\nThen later we set qdisc_skb_cb(skb)->pkt_len to back to zero :/\n\nqdisc_skb_cb(skb)->pkt_len += (gso_segs - 1) * hdr_len;\n\nThis leads to the following crash in fq_codel [1]\n\nqdisc_pkt_len_init() is best effort, we only want an estimation\nof the bytes sent on the wire, not crashing the kernel.\n\nThis patch is fixing this particular issue, a following one\nadds more sanity checks for another potential bug.\n\n[1]\n[ 70.724101] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 70.724561] #PF: supervisor read access in kernel mode\n[ 70.724561] #PF: error_code(0x0000) - not-present page\n[ 70.724561] PGD 10ac61067 P4D 10ac61067 PUD 107ee2067 PMD 0\n[ 70.724561] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 70.724561] CPU: 11 UID: 0 PID: 2163 Comm: b358537762 Not tainted 6.11.0-virtme #991\n[ 70.724561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 70.724561] RIP: 0010:fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel\n[ 70.724561] Code: 24 08 49 c1 e1 06 44 89 7c 24 18 45 31 ed 45 31 c0 31 ff 89 44 24 14 4c 03 8b 90 01 00 00 eb 04 39 ca 73 37 4d 8b 39 83 c7 01 <49> 8b 17 49 89 11 41 8b 57 28 45 8b 5f 34 49 c7 07 00 00 00 00 49\nAll code\n========\n 0:\t24 08 \tand $0x8,%al\n 2:\t49 c1 e1 06 \tshl $0x6,%r9\n 6:\t44 89 7c 24 18 \tmov %r15d,0x18(%rsp)\n b:\t45 31 ed \txor %r13d,%r13d\n e:\t45 31 c0 \txor %r8d,%r8d\n 11:\t31 ff \txor %edi,%edi\n 13:\t89 44 24 14 \tmov %eax,0x14(%rsp)\n 17:\t4c 03 8b 90 01 00 00 \tadd 0x190(%rbx),%r9\n 1e:\teb 04 \tjmp 0x24\n 20:\t39 ca \tcmp %ecx,%edx\n 22:\t73 37 \tjae 0x5b\n 24:\t4d 8b 39 \tmov (%r9),%r15\n 27:\t83 c7 01 \tadd $0x1,%edi\n 2a:*\t49 8b 17 \tmov (%r15),%rdx\t\t<-- trapping instruction\n 2d:\t49 89 11 \tmov %rdx,(%r9)\n 30:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n 34:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n 38:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 3f:\t49 \trex.WB\n\nCode starting with the faulting instruction\n===========================================\n 0:\t49 8b 17 \tmov (%r15),%rdx\n 3:\t49 89 11 \tmov %rdx,(%r9)\n 6:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n a:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n e:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 15:\t49 \trex.WB\n[ 70.724561] RSP: 0018:ffff95ae85e6fb90 EFLAGS: 00000202\n[ 70.724561] RAX: 0000000002000000 RBX: ffff95ae841de000 RCX: 0000000000000000\n[ 70.724561] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001\n[ 70.724561] RBP: ffff95ae85e6fbf8 R08: 0000000000000000 R09: ffff95b710a30000\n[ 70.724561] R10: 0000000000000000 R11: bdf289445ce31881 R12: ffff95ae85e6fc58\n[ 70.724561] R13: 0000000000000000 R14: 0000000000000040 R15: 0000000000000000\n[ 70.724561] FS: 000000002c5c1380(0000) GS:ffff95bd7fcc0000(0000) knlGS:0000000000000000\n[ 70.724561] CS: 0010 DS: 0000 ES: 0000 C\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49949", url: "https://www.suse.com/security/cve/CVE-2024-49949", }, { category: "external", summary: "SUSE Bug 1232160 for CVE-2024-49949", url: "https://bugzilla.suse.com/1232160", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49949", }, { cve: "CVE-2024-49950", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49950", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49950", url: "https://www.suse.com/security/cve/CVE-2024-49950", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-49950", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232159 for CVE-2024-49950", url: "https://bugzilla.suse.com/1232159", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49950", }, { cve: "CVE-2024-49951", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49951", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix possible crash on mgmt_index_removed\n\nIf mgmt_index_removed is called while there are commands queued on\ncmd_sync it could lead to crashes like the bellow trace:\n\n0x0000053D: __list_del_entry_valid_or_report+0x98/0xdc\n0x0000053D: mgmt_pending_remove+0x18/0x58 [bluetooth]\n0x0000053E: mgmt_remove_adv_monitor_complete+0x80/0x108 [bluetooth]\n0x0000053E: hci_cmd_sync_work+0xbc/0x164 [bluetooth]\n\nSo while handling mgmt_index_removed this attempts to dequeue\ncommands passed as user_data to cmd_sync.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49951", url: "https://www.suse.com/security/cve/CVE-2024-49951", }, { category: "external", summary: "SUSE Bug 1232158 for CVE-2024-49951", url: "https://bugzilla.suse.com/1232158", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49951", }, { cve: "CVE-2024-49952", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49952", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: prevent nf_skb_duplicated corruption\n\nsyzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write\nper-cpu variable nf_skb_duplicated in an unsafe way [1].\n\nDisabling preemption as hinted by the splat is not enough,\nwe have to disable soft interrupts as well.\n\n[1]\nBUG: using __this_cpu_write() in preemptible [00000000] code: syz.4.282/6316\n caller is nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\nCPU: 0 UID: 0 PID: 6316 Comm: syz.4.282 Not tainted 6.11.0-rc7-syzkaller-00104-g7052622fccb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n check_preemption_disabled+0x10e/0x120 lib/smp_processor_id.c:49\n nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\n nft_dup_ipv4_eval+0x1db/0x300 net/ipv4/netfilter/nft_dup_ipv4.c:30\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x202/0x320 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook+0x2c4/0x450 include/linux/netfilter.h:269\n NF_HOOK_COND include/linux/netfilter.h:302 [inline]\n ip_output+0x185/0x230 net/ipv4/ip_output.c:433\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n ip_send_skb+0x74/0x100 net/ipv4/ip_output.c:1495\n udp_send_skb+0xacf/0x1650 net/ipv4/udp.c:981\n udp_sendmsg+0x1c21/0x2a60 net/ipv4/udp.c:1269\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmmsg+0x3b2/0x740 net/socket.c:2737\n __do_sys_sendmmsg net/socket.c:2766 [inline]\n __se_sys_sendmmsg net/socket.c:2763 [inline]\n __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2763\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f4ce4f7def9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f4ce5d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133\nRAX: ffffffffffffffda RBX: 00007f4ce5135f80 RCX: 00007f4ce4f7def9\nRDX: 0000000000000001 RSI: 0000000020005d40 RDI: 0000000000000006\nRBP: 00007f4ce4ff0b76 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f4ce5135f80 R15: 00007ffd4cbc6d68\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49952", url: "https://www.suse.com/security/cve/CVE-2024-49952", }, { category: "external", summary: "SUSE Bug 1232157 for CVE-2024-49952", url: "https://bugzilla.suse.com/1232157", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49952", }, { cve: "CVE-2024-49953", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49953", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice\n\nThe km.state is not checked in driver's delayed work. When\nxfrm_state_check_expire() is called, the state can be reset to\nXFRM_STATE_EXPIRED, even if it is XFRM_STATE_DEAD already. This\nhappens when xfrm state is deleted, but not freed yet. As\n__xfrm_state_delete() is called again in xfrm timer, the following\ncrash occurs.\n\nTo fix this issue, skip xfrm_state_check_expire() if km.state is not\nXFRM_STATE_VALID.\n\n Oops: general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] SMP\n CPU: 5 UID: 0 PID: 7448 Comm: kworker/u102:2 Not tainted 6.11.0-rc2+ #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5e_ipsec: eth%d mlx5e_ipsec_handle_sw_limits [mlx5_core]\n RIP: 0010:__xfrm_state_delete+0x3d/0x1b0\n Code: 0f 84 8b 01 00 00 48 89 fd c6 87 c8 00 00 00 05 48 8d bb 40 10 00 00 e8 11 04 1a 00 48 8b 95 b8 00 00 00 48 8b 85 c0 00 00 00 <48> 89 42 08 48 89 10 48 8b 55 10 48 b8 00 01 00 00 00 00 ad de 48\n RSP: 0018:ffff88885f945ec8 EFLAGS: 00010246\n RAX: dead000000000122 RBX: ffffffff82afa940 RCX: 0000000000000036\n RDX: dead000000000100 RSI: 0000000000000000 RDI: ffffffff82afb980\n RBP: ffff888109a20340 R08: ffff88885f945ea0 R09: 0000000000000000\n R10: 0000000000000000 R11: ffff88885f945ff8 R12: 0000000000000246\n R13: ffff888109a20340 R14: ffff88885f95f420 R15: ffff88885f95f400\n FS: 0000000000000000(0000) GS:ffff88885f940000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f2163102430 CR3: 00000001128d6001 CR4: 0000000000370eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <IRQ>\n ? die_addr+0x33/0x90\n ? exc_general_protection+0x1a2/0x390\n ? asm_exc_general_protection+0x22/0x30\n ? __xfrm_state_delete+0x3d/0x1b0\n ? __xfrm_state_delete+0x2f/0x1b0\n xfrm_timer_handler+0x174/0x350\n ? __xfrm_state_delete+0x1b0/0x1b0\n __hrtimer_run_queues+0x121/0x270\n hrtimer_run_softirq+0x88/0xd0\n handle_softirqs+0xcc/0x270\n do_softirq+0x3c/0x50\n </IRQ>\n <TASK>\n __local_bh_enable_ip+0x47/0x50\n mlx5e_ipsec_handle_sw_limits+0x7d/0x90 [mlx5_core]\n process_one_work+0x137/0x2d0\n worker_thread+0x28d/0x3a0\n ? rescuer_thread+0x480/0x480\n kthread+0xb8/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49953", url: "https://www.suse.com/security/cve/CVE-2024-49953", }, { category: "external", summary: "SUSE Bug 1232156 for CVE-2024-49953", url: "https://bugzilla.suse.com/1232156", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49953", }, { cve: "CVE-2024-49954", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49954", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nstatic_call: Replace pointless WARN_ON() in static_call_module_notify()\n\nstatic_call_module_notify() triggers a WARN_ON(), when memory allocation\nfails in __static_call_add_module().\n\nThat's not really justified, because the failure case must be correctly\nhandled by the well known call chain and the error code is passed\nthrough to the initiating userspace application.\n\nA memory allocation fail is not a fatal problem, but the WARN_ON() takes\nthe machine out when panic_on_warn is set.\n\nReplace it with a pr_warn().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49954", url: "https://www.suse.com/security/cve/CVE-2024-49954", }, { category: "external", summary: "SUSE Bug 1232155 for CVE-2024-49954", url: "https://bugzilla.suse.com/1232155", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49954", }, { cve: "CVE-2024-49955", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49955", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: battery: Fix possible crash when unregistering a battery hook\n\nWhen a battery hook returns an error when adding a new battery, then\nthe battery hook is automatically unregistered.\nHowever the battery hook provider cannot know that, so it will later\ncall battery_hook_unregister() on the already unregistered battery\nhook, resulting in a crash.\n\nFix this by using the list head to mark already unregistered battery\nhooks as already being unregistered so that they can be ignored by\nbattery_hook_unregister().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49955", url: "https://www.suse.com/security/cve/CVE-2024-49955", }, { category: "external", summary: "SUSE Bug 1232154 for CVE-2024-49955", url: "https://bugzilla.suse.com/1232154", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49955", }, { cve: "CVE-2024-49956", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49956", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix double destroy_workqueue error\n\nWhen gfs2_fill_super() fails, destroy_workqueue() is called within\ngfs2_gl_hash_clear(), and the subsequent code path calls\ndestroy_workqueue() on the same work queue again.\n\nThis issue can be fixed by setting the work queue pointer to NULL after\nthe first destroy_workqueue() call and checking for a NULL pointer\nbefore attempting to destroy the work queue again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49956", url: "https://www.suse.com/security/cve/CVE-2024-49956", }, { category: "external", summary: "SUSE Bug 1232153 for CVE-2024-49956", url: "https://bugzilla.suse.com/1232153", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49956", }, { cve: "CVE-2024-49957", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49957", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix null-ptr-deref when journal load failed.\n\nDuring the mounting process, if journal_reset() fails because of too short\njournal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer. \nSubsequently, ocfs2_journal_shutdown() calls\njbd2_journal_flush()->jbd2_cleanup_journal_tail()->\n__jbd2_update_log_tail()->jbd2_journal_update_sb_log_tail()\n->lock_buffer(journal->j_sb_buffer), resulting in a null-pointer\ndereference error.\n\nTo resolve this issue, we should check the JBD2_LOADED flag to ensure the\njournal was properly loaded. Additionally, use journal instead of\nosb->journal directly to simplify the code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49957", url: "https://www.suse.com/security/cve/CVE-2024-49957", }, { category: "external", summary: "SUSE Bug 1232152 for CVE-2024-49957", url: "https://bugzilla.suse.com/1232152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49957", }, { cve: "CVE-2024-49958", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49958", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: reserve space for inline xattr before attaching reflink tree\n\nOne of our customers reported a crash and a corrupted ocfs2 filesystem. \nThe crash was due to the detection of corruption. Upon troubleshooting,\nthe fsck -fn output showed the below corruption\n\n[EXTENT_LIST_FREE] Extent list in owner 33080590 claims 230 as the next free chain record,\nbut fsck believes the largest valid value is 227. Clamp the next record value? n\n\nThe stat output from the debugfs.ocfs2 showed the following corruption\nwhere the \"Next Free Rec:\" had overshot the \"Count:\" in the root metadata\nblock.\n\n Inode: 33080590 Mode: 0640 Generation: 2619713622 (0x9c25a856)\n FS Generation: 904309833 (0x35e6ac49)\n CRC32: 00000000 ECC: 0000\n Type: Regular Attr: 0x0 Flags: Valid\n Dynamic Features: (0x16) HasXattr InlineXattr Refcounted\n Extended Attributes Block: 0 Extended Attributes Inline Size: 256\n User: 0 (root) Group: 0 (root) Size: 281320357888\n Links: 1 Clusters: 141738\n ctime: 0x66911b56 0x316edcb8 -- Fri Jul 12 06:02:30.829349048 2024\n atime: 0x66911d6b 0x7f7a28d -- Fri Jul 12 06:11:23.133669517 2024\n mtime: 0x66911b56 0x12ed75d7 -- Fri Jul 12 06:02:30.317552087 2024\n dtime: 0x0 -- Wed Dec 31 17:00:00 1969\n Refcount Block: 2777346\n Last Extblk: 2886943 Orphan Slot: 0\n Sub Alloc Slot: 0 Sub Alloc Bit: 14\n Tree Depth: 1 Count: 227 Next Free Rec: 230\n ## Offset Clusters Block#\n 0 0 2310 2776351\n 1 2310 2139 2777375\n 2 4449 1221 2778399\n 3 5670 731 2779423\n 4 6401 566 2780447\n ....... .... .......\n ....... .... .......\n\nThe issue was in the reflink workfow while reserving space for inline\nxattr. The problematic function is ocfs2_reflink_xattr_inline(). By the\ntime this function is called the reflink tree is already recreated at the\ndestination inode from the source inode. At this point, this function\nreserves space for inline xattrs at the destination inode without even\nchecking if there is space at the root metadata block. It simply reduces\nthe l_count from 243 to 227 thereby making space of 256 bytes for inline\nxattr whereas the inode already has extents beyond this index (in this\ncase up to 230), thereby causing corruption.\n\nThe fix for this is to reserve space for inline metadata at the destination\ninode before the reflink tree gets recreated. The customer has verified the\nfix.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49958", url: "https://www.suse.com/security/cve/CVE-2024-49958", }, { category: "external", summary: "SUSE Bug 1232151 for CVE-2024-49958", url: "https://bugzilla.suse.com/1232151", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49958", }, { cve: "CVE-2024-49959", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49959", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error\n\nIn __jbd2_log_wait_for_space(), we might call jbd2_cleanup_journal_tail()\nto recover some journal space. But if an error occurs while executing\njbd2_cleanup_journal_tail() (e.g., an EIO), we don't stop waiting for free\nspace right away, we try other branches, and if j_committing_transaction\nis NULL (i.e., the tid is 0), we will get the following complain:\n\n============================================\nJBD2: I/O error when updating journal superblock for sdd-8.\n__jbd2_log_wait_for_space: needed 256 blocks and only had 217 space available\n__jbd2_log_wait_for_space: no way to get more journal space in sdd-8\n------------[ cut here ]------------\nWARNING: CPU: 2 PID: 139804 at fs/jbd2/checkpoint.c:109 __jbd2_log_wait_for_space+0x251/0x2e0\nModules linked in:\nCPU: 2 PID: 139804 Comm: kworker/u8:3 Not tainted 6.6.0+ #1\nRIP: 0010:__jbd2_log_wait_for_space+0x251/0x2e0\nCall Trace:\n <TASK>\n add_transaction_credits+0x5d1/0x5e0\n start_this_handle+0x1ef/0x6a0\n jbd2__journal_start+0x18b/0x340\n ext4_dirty_inode+0x5d/0xb0\n __mark_inode_dirty+0xe4/0x5d0\n generic_update_time+0x60/0x70\n[...]\n============================================\n\nSo only if jbd2_cleanup_journal_tail() returns 1, i.e., there is nothing to\nclean up at the moment, continue to try to reclaim free space in other ways.\n\nNote that this fix relies on commit 6f6a6fda2945 (\"jbd2: fix ocfs2 corrupt\nwhen updating journal superblock fails\") to make jbd2_cleanup_journal_tail\nreturn the correct error code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49959", url: "https://www.suse.com/security/cve/CVE-2024-49959", }, { category: "external", summary: "SUSE Bug 1232149 for CVE-2024-49959", url: "https://bugzilla.suse.com/1232149", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49959", }, { cve: "CVE-2024-49960", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49960", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix timer use-after-free on failed mount\n\nSyzbot has found an ODEBUG bug in ext4_fill_super\n\nThe del_timer_sync function cancels the s_err_report timer,\nwhich reminds about filesystem errors daily. We should\nguarantee the timer is no longer active before kfree(sbi).\n\nWhen filesystem mounting fails, the flow goes to failed_mount3,\nwhere an error occurs when ext4_stop_mmpd is called, causing\na read I/O failure. This triggers the ext4_handle_error function\nthat ultimately re-arms the timer,\nleaving the s_err_report timer active before kfree(sbi) is called.\n\nFix the issue by canceling the s_err_report timer after calling ext4_stop_mmpd.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49960", url: "https://www.suse.com/security/cve/CVE-2024-49960", }, { category: "external", summary: "SUSE Bug 1232395 for CVE-2024-49960", url: "https://bugzilla.suse.com/1232395", }, { category: "external", summary: "SUSE Bug 1232803 for CVE-2024-49960", url: "https://bugzilla.suse.com/1232803", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49960", }, { cve: "CVE-2024-49961", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49961", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: ar0521: Use cansleep version of gpiod_set_value()\n\nIf we use GPIO reset from I2C port expander, we must use *_cansleep()\nvariant of GPIO functions.\nThis was not done in ar0521_power_on()/ar0521_power_off() functions.\nLet's fix that.\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 11 at drivers/gpio/gpiolib.c:3496 gpiod_set_value+0x74/0x7c\nModules linked in:\nCPU: 0 PID: 11 Comm: kworker/u16:0 Not tainted 6.10.0 #53\nHardware name: Diasom DS-RK3568-SOM-EVB (DT)\nWorkqueue: events_unbound deferred_probe_work_func\npstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : gpiod_set_value+0x74/0x7c\nlr : ar0521_power_on+0xcc/0x290\nsp : ffffff8001d7ab70\nx29: ffffff8001d7ab70 x28: ffffff80027dcc90 x27: ffffff8003c82000\nx26: ffffff8003ca9250 x25: ffffffc080a39c60 x24: ffffff8003ca9088\nx23: ffffff8002402720 x22: ffffff8003ca9080 x21: ffffff8003ca9088\nx20: 0000000000000000 x19: ffffff8001eb2a00 x18: ffffff80efeeac80\nx17: 756d2d6332692f30 x16: 0000000000000000 x15: 0000000000000000\nx14: ffffff8001d91d40 x13: 0000000000000016 x12: ffffffc080e98930\nx11: ffffff8001eb2880 x10: 0000000000000890 x9 : ffffff8001d7a9f0\nx8 : ffffff8001d92570 x7 : ffffff80efeeac80 x6 : 000000003fc6e780\nx5 : ffffff8001d91c80 x4 : 0000000000000002 x3 : 0000000000000000\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000001\nCall trace:\n gpiod_set_value+0x74/0x7c\n ar0521_power_on+0xcc/0x290\n...", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49961", url: "https://www.suse.com/security/cve/CVE-2024-49961", }, { category: "external", summary: "SUSE Bug 1232148 for CVE-2024-49961", url: "https://bugzilla.suse.com/1232148", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49961", }, { cve: "CVE-2024-49962", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49962", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()\n\nACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0\n\nACPI_ALLOCATE_ZEROED() may fail, elements might be NULL and will cause\nNULL pointer dereference later.\n\n[ rjw: Subject and changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49962", url: "https://www.suse.com/security/cve/CVE-2024-49962", }, { category: "external", summary: "SUSE Bug 1232314 for CVE-2024-49962", url: "https://bugzilla.suse.com/1232314", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49962", }, { cve: "CVE-2024-49963", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49963", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: bcm2835: Fix timeout during suspend mode\n\nDuring noirq suspend phase the Raspberry Pi power driver suffer of\nfirmware property timeouts. The reason is that the IRQ of the underlying\nBCM2835 mailbox is disabled and rpi_firmware_property_list() will always\nrun into a timeout [1].\n\nSince the VideoCore side isn't consider as a wakeup source, set the\nIRQF_NO_SUSPEND flag for the mailbox IRQ in order to keep it enabled\nduring suspend-resume cycle.\n\n[1]\nPM: late suspend of devices complete after 1.754 msecs\nWARNING: CPU: 0 PID: 438 at drivers/firmware/raspberrypi.c:128\n rpi_firmware_property_list+0x204/0x22c\nFirmware transaction 0x00028001 timeout\nModules linked in:\nCPU: 0 PID: 438 Comm: bash Tainted: G C 6.9.3-dirty #17\nHardware name: BCM2835\nCall trace:\nunwind_backtrace from show_stack+0x18/0x1c\nshow_stack from dump_stack_lvl+0x34/0x44\ndump_stack_lvl from __warn+0x88/0xec\n__warn from warn_slowpath_fmt+0x7c/0xb0\nwarn_slowpath_fmt from rpi_firmware_property_list+0x204/0x22c\nrpi_firmware_property_list from rpi_firmware_property+0x68/0x8c\nrpi_firmware_property from rpi_firmware_set_power+0x54/0xc0\nrpi_firmware_set_power from _genpd_power_off+0xe4/0x148\n_genpd_power_off from genpd_sync_power_off+0x7c/0x11c\ngenpd_sync_power_off from genpd_finish_suspend+0xcc/0xe0\ngenpd_finish_suspend from dpm_run_callback+0x78/0xd0\ndpm_run_callback from device_suspend_noirq+0xc0/0x238\ndevice_suspend_noirq from dpm_suspend_noirq+0xb0/0x168\ndpm_suspend_noirq from suspend_devices_and_enter+0x1b8/0x5ac\nsuspend_devices_and_enter from pm_suspend+0x254/0x2e4\npm_suspend from state_store+0xa8/0xd4\nstate_store from kernfs_fop_write_iter+0x154/0x1a0\nkernfs_fop_write_iter from vfs_write+0x12c/0x184\nvfs_write from ksys_write+0x78/0xc0\nksys_write from ret_fast_syscall+0x0/0x54\nException stack(0xcc93dfa8 to 0xcc93dff0)\n[...]\nPM: noirq suspend of devices complete after 3095.584 msecs", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49963", url: "https://www.suse.com/security/cve/CVE-2024-49963", }, { category: "external", summary: "SUSE Bug 1232147 for CVE-2024-49963", url: "https://bugzilla.suse.com/1232147", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49963", }, { cve: "CVE-2024-49964", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49964", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix memfd_pin_folios free_huge_pages leak\n\nmemfd_pin_folios followed by unpin_folios fails to restore free_huge_pages\nif the pages were not already faulted in, because the folio refcount for\npages created by memfd_alloc_folio never goes to 0. memfd_pin_folios\nneeds another folio_put to undo the folio_try_get below:\n\nmemfd_alloc_folio()\n alloc_hugetlb_folio_nodemask()\n dequeue_hugetlb_folio_nodemask()\n dequeue_hugetlb_folio_node_exact()\n folio_ref_unfreeze(folio, 1); ; adds 1 refcount\n folio_try_get() ; adds 1 refcount\n hugetlb_add_to_page_cache() ; adds 512 refcount (on x86)\n\nWith the fix, after memfd_pin_folios + unpin_folios, the refcount for the\n(unfaulted) page is 512, which is correct, as the refcount for a faulted\nunpinned page is 513.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49964", url: "https://www.suse.com/security/cve/CVE-2024-49964", }, { category: "external", summary: "SUSE Bug 1232144 for CVE-2024-49964", url: "https://bugzilla.suse.com/1232144", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49964", }, { cve: "CVE-2024-49965", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49965", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove unreasonable unlock in ocfs2_read_blocks\n\nPatch series \"Misc fixes for ocfs2_read_blocks\", v5.\n\nThis series contains 2 fixes for ocfs2_read_blocks(). The first patch fix\nthe issue reported by syzbot, which detects bad unlock balance in\nocfs2_read_blocks(). The second patch fixes an issue reported by Heming\nZhao when reviewing above fix.\n\n\nThis patch (of 2):\n\nThere was a lock release before exiting, so remove the unreasonable unlock.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49965", url: "https://www.suse.com/security/cve/CVE-2024-49965", }, { category: "external", summary: "SUSE Bug 1232142 for CVE-2024-49965", url: "https://bugzilla.suse.com/1232142", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49965", }, { cve: "CVE-2024-49966", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49966", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: cancel dqi_sync_work before freeing oinfo\n\nocfs2_global_read_info() will initialize and schedule dqi_sync_work at the\nend, if error occurs after successfully reading global quota, it will\ntrigger the following warning with CONFIG_DEBUG_OBJECTS_* enabled:\n\nODEBUG: free active (active state 0) object: 00000000d8b0ce28 object type: timer_list hint: qsync_work_fn+0x0/0x16c\n\nThis reports that there is an active delayed work when freeing oinfo in\nerror handling, so cancel dqi_sync_work first. BTW, return status instead\nof -1 when .read_file_info fails.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49966", url: "https://www.suse.com/security/cve/CVE-2024-49966", }, { category: "external", summary: "SUSE Bug 1232141 for CVE-2024-49966", url: "https://bugzilla.suse.com/1232141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49966", }, { cve: "CVE-2024-49967", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49967", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49967", url: "https://www.suse.com/security/cve/CVE-2024-49967", }, { category: "external", summary: "SUSE Bug 1232140 for CVE-2024-49967", url: "https://bugzilla.suse.com/1232140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49967", }, { cve: "CVE-2024-49968", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49968", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: filesystems without casefold feature cannot be mounted with siphash\n\nWhen mounting the ext4 filesystem, if the default hash version is set to\nDX_HASH_SIPHASH but the casefold feature is not set, exit the mounting.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49968", url: "https://www.suse.com/security/cve/CVE-2024-49968", }, { category: "external", summary: "SUSE Bug 1232264 for CVE-2024-49968", url: "https://bugzilla.suse.com/1232264", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49968", }, { cve: "CVE-2024-49969", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49969", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in DCN30 color transformation\n\nThis commit addresses a potential index out of bounds issue in the\n`cm3_helper_translate_curve_to_hw_format` function in the DCN30 color\nmanagement module. The issue could occur when the index 'i' exceeds the\nnumber of transfer function points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds, the function returns\nfalse to indicate an error.\n\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:180 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:181 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:182 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49969", url: "https://www.suse.com/security/cve/CVE-2024-49969", }, { category: "external", summary: "SUSE Bug 1232519 for CVE-2024-49969", url: "https://bugzilla.suse.com/1232519", }, { category: "external", summary: "SUSE Bug 1232524 for CVE-2024-49969", url: "https://bugzilla.suse.com/1232524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49969", }, { cve: "CVE-2024-49970", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49970", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Implement bounds check for stream encoder creation in DCN401\n\n'stream_enc_regs' array is an array of dcn10_stream_enc_registers\nstructures. The array is initialized with four elements, corresponding\nto the four calls to stream_enc_regs() in the array initializer. This\nmeans that valid indices for this array are 0, 1, 2, and 3.\n\nThe error message 'stream_enc_regs' 4 <= 5 below, is indicating that\nthere is an attempt to access this array with an index of 5, which is\nout of bounds. This could lead to undefined behavior\n\nHere, eng_id is used as an index to access the stream_enc_regs array. If\neng_id is 5, this would result in an out-of-bounds access on the\nstream_enc_regs array.\n\nThus fixing Buffer overflow error in dcn401_stream_encoder_create\n\nFound by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn401/dcn401_resource.c:1209 dcn401_stream_encoder_create() error: buffer overflow 'stream_enc_regs' 4 <= 5", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49970", url: "https://www.suse.com/security/cve/CVE-2024-49970", }, { category: "external", summary: "SUSE Bug 1232516 for CVE-2024-49970", url: "https://bugzilla.suse.com/1232516", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49970", }, { cve: "CVE-2024-49971", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49971", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase array size of dummy_boolean\n\n[WHY]\ndml2_core_shared_mode_support and dml_core_mode_support access the third\nelement of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when\ndummy_boolean has size of 2. Any assignment to hw_debug5 causes an\nOVERRUN.\n\n[HOW]\nIncrease dummy_boolean's array size to 3.\n\nThis fixes 2 OVERRUN issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49971", url: "https://www.suse.com/security/cve/CVE-2024-49971", }, { category: "external", summary: "SUSE Bug 1232473 for CVE-2024-49971", url: "https://bugzilla.suse.com/1232473", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49971", }, { cve: "CVE-2024-49972", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49972", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Deallocate DML memory if allocation fails\n\n[Why]\nWhen DC state create DML memory allocation fails, memory is not\ndeallocated subsequently, resulting in uninitialized structure\nthat is not NULL.\n\n[How]\nDeallocate memory if DML memory allocation fails.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49972", url: "https://www.suse.com/security/cve/CVE-2024-49972", }, { category: "external", summary: "SUSE Bug 1232315 for CVE-2024-49972", url: "https://bugzilla.suse.com/1232315", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49972", }, { cve: "CVE-2024-49973", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49973", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nr8169: add tally counter fields added with RTL8125\n\nRTL8125 added fields to the tally counter, what may result in the chip\ndma'ing these new fields to unallocated memory. Therefore make sure\nthat the allocated memory area is big enough to hold all of the\ntally counter values, even if we use only parts of it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49973", url: "https://www.suse.com/security/cve/CVE-2024-49973", }, { category: "external", summary: "SUSE Bug 1232105 for CVE-2024-49973", url: "https://bugzilla.suse.com/1232105", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49973", }, { cve: "CVE-2024-49974", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49974", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Limit the number of concurrent async COPY operations\n\nNothing appears to limit the number of concurrent async COPY\noperations that clients can start. In addition, AFAICT each async\nCOPY can copy an unlimited number of 4MB chunks, so can run for a\nlong time. Thus IMO async COPY can become a DoS vector.\n\nAdd a restriction mechanism that bounds the number of concurrent\nbackground COPY operations. Start simple and try to be fair -- this\npatch implements a per-namespace limit.\n\nAn async COPY request that occurs while this limit is exceeded gets\nNFS4ERR_DELAY. The requesting client can choose to send the request\nagain after a delay or fall back to a traditional read/write style\ncopy.\n\nIf there is need to make the mechanism more sophisticated, we can\nvisit that in future patches.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49974", url: "https://www.suse.com/security/cve/CVE-2024-49974", }, { category: "external", summary: "SUSE Bug 1232383 for CVE-2024-49974", url: "https://bugzilla.suse.com/1232383", }, { category: "external", summary: "SUSE Bug 1232384 for CVE-2024-49974", url: "https://bugzilla.suse.com/1232384", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49974", }, { cve: "CVE-2024-49975", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49975", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: fix kernel info leak via \"[uprobes]\" vma\n\nxol_add_vma() maps the uninitialized page allocated by __create_xol_area()\ninto userspace. On some architectures (x86) this memory is readable even\nwithout VM_READ, VM_EXEC results in the same pgprot_t as VM_EXEC|VM_READ,\nalthough this doesn't really matter, debugger can read this memory anyway.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49975", url: "https://www.suse.com/security/cve/CVE-2024-49975", }, { category: "external", summary: "SUSE Bug 1232104 for CVE-2024-49975", url: "https://bugzilla.suse.com/1232104", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49975", }, { cve: "CVE-2024-49976", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49976", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/timerlat: Drop interface_lock in stop_kthread()\n\nstop_kthread() is the offline callback for \"trace/osnoise:online\", since\ncommit 5bfbcd1ee57b (\"tracing/timerlat: Add interface_lock around clearing\nof kthread in stop_kthread()\"), the following ABBA deadlock scenario is\nintroduced:\n\nT1 | T2 [BP] | T3 [AP]\nosnoise_hotplug_workfn() | work_for_cpu_fn() | cpuhp_thread_fun()\n | _cpu_down() | osnoise_cpu_die()\n mutex_lock(&interface_lock) | | stop_kthread()\n | cpus_write_lock() | mutex_lock(&interface_lock)\n cpus_read_lock() | cpuhp_kick_ap() |\n\nAs the interface_lock here in just for protecting the \"kthread\" field of\nthe osn_var, use xchg() instead to fix this issue. Also use\nfor_each_online_cpu() back in stop_per_cpu_kthreads() as it can take\ncpu_read_lock() again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49976", url: "https://www.suse.com/security/cve/CVE-2024-49976", }, { category: "external", summary: "SUSE Bug 1232103 for CVE-2024-49976", url: "https://bugzilla.suse.com/1232103", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49976", }, { cve: "CVE-2024-49977", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49977", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix zero-division error when disabling tc cbs\n\nThe commit b8c43360f6e4 (\"net: stmmac: No need to calculate speed divider\nwhen offload is disabled\") allows the \"port_transmit_rate_kbps\" to be\nset to a value of 0, which is then passed to the \"div_s64\" function when\ntc-cbs is disabled. This leads to a zero-division error.\n\nWhen tc-cbs is disabled, the idleslope, sendslope, and credit values the\ncredit values are not required to be configured. Therefore, adding a return\nstatement after setting the txQ mode to DCB when tc-cbs is disabled would\nprevent a zero-division error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49977", url: "https://www.suse.com/security/cve/CVE-2024-49977", }, { category: "external", summary: "SUSE Bug 1232102 for CVE-2024-49977", url: "https://bugzilla.suse.com/1232102", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49977", }, { cve: "CVE-2024-49978", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49978", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngso: fix udp gso fraglist segmentation after pull from frag_list\n\nDetect gso fraglist skbs with corrupted geometry (see below) and\npass these to skb_segment instead of skb_segment_list, as the first\ncan segment them correctly.\n\nValid SKB_GSO_FRAGLIST skbs\n- consist of two or more segments\n- the head_skb holds the protocol headers plus first gso_size\n- one or more frag_list skbs hold exactly one segment\n- all but the last must be gso_size\n\nOptional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can\nmodify these skbs, breaking these invariants.\n\nIn extreme cases they pull all data into skb linear. For UDP, this\ncauses a NULL ptr deref in __udpv4_gso_segment_list_csum at\nudp_hdr(seg->next)->dest.\n\nDetect invalid geometry due to pull, by checking head_skb size.\nDon't just drop, as this may blackhole a destination. Convert to be\nable to pass to regular skb_segment.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49978", url: "https://www.suse.com/security/cve/CVE-2024-49978", }, { category: "external", summary: "SUSE Bug 1232101 for CVE-2024-49978", url: "https://bugzilla.suse.com/1232101", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49978", }, { cve: "CVE-2024-49979", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49979", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix tcp fraglist segmentation after pull from frag_list\n\nDetect tcp gso fraglist skbs with corrupted geometry (see below) and\npass these to skb_segment instead of skb_segment_list, as the first\ncan segment them correctly.\n\nValid SKB_GSO_FRAGLIST skbs\n- consist of two or more segments\n- the head_skb holds the protocol headers plus first gso_size\n- one or more frag_list skbs hold exactly one segment\n- all but the last must be gso_size\n\nOptional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can\nmodify these skbs, breaking these invariants.\n\nIn extreme cases they pull all data into skb linear. For TCP, this\ncauses a NULL ptr deref in __tcpv4_gso_segment_list_csum at\ntcp_hdr(seg->next).\n\nDetect invalid geometry due to pull, by checking head_skb size.\nDon't just drop, as this may blackhole a destination. Convert to be\nable to pass to regular skb_segment.\n\nApproach and description based on a patch by Willem de Bruijn.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49979", url: "https://www.suse.com/security/cve/CVE-2024-49979", }, { category: "external", summary: "SUSE Bug 1232100 for CVE-2024-49979", url: "https://bugzilla.suse.com/1232100", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49979", }, { cve: "CVE-2024-49980", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49980", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: revert \"vrf: Remove unnecessary RCU-bh critical section\"\n\nThis reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853.\n\ndev_queue_xmit_nit is expected to be called with BH disabled.\n__dev_queue_xmit has the following:\n\n /* Disable soft irqs for various locks below. Also\n * stops preemption for RCU.\n */\n rcu_read_lock_bh();\n\nVRF must follow this invariant. The referenced commit removed this\nprotection. Which triggered a lockdep warning:\n\n\t================================\n\tWARNING: inconsistent lock state\n\t6.11.0 #1 Tainted: G W\n\t--------------------------------\n\tinconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.\n\tbtserver/134819 [HC0[0]:SC0[0]:HE1:SE1] takes:\n\tffff8882da30c118 (rlock-AF_PACKET){+.?.}-{2:2}, at: tpacket_rcv+0x863/0x3b30\n\t{IN-SOFTIRQ-W} state was registered at:\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t packet_rcv+0xa33/0x1320\n\t __netif_receive_skb_core.constprop.0+0xcb0/0x3a90\n\t __netif_receive_skb_list_core+0x2c9/0x890\n\t netif_receive_skb_list_internal+0x610/0xcc0\n [...]\n\n\tother info that might help us debug this:\n\t Possible unsafe locking scenario:\n\n\t CPU0\n\t ----\n\t lock(rlock-AF_PACKET);\n\t <Interrupt>\n\t lock(rlock-AF_PACKET);\n\n\t *** DEADLOCK ***\n\n\tCall Trace:\n\t <TASK>\n\t dump_stack_lvl+0x73/0xa0\n\t mark_lock+0x102e/0x16b0\n\t __lock_acquire+0x9ae/0x6170\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t tpacket_rcv+0x863/0x3b30\n\t dev_queue_xmit_nit+0x709/0xa40\n\t vrf_finish_direct+0x26e/0x340 [vrf]\n\t vrf_l3_out+0x5f4/0xe80 [vrf]\n\t __ip_local_out+0x51e/0x7a0\n [...]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49980", url: "https://www.suse.com/security/cve/CVE-2024-49980", }, { category: "external", summary: "SUSE Bug 1232099 for CVE-2024-49980", url: "https://bugzilla.suse.com/1232099", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49980", }, { cve: "CVE-2024-49981", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49981", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: fix use after free bug in venus_remove due to race condition\n\nin venus_probe, core->work is bound with venus_sys_error_handler, which is\nused to handle error. The code use core->sys_err_done to make sync work.\nThe core->work is started in venus_event_notify.\n\nIf we call venus_remove, there might be an unfished work. The possible\nsequence is as follows:\n\nCPU0 CPU1\n\n |venus_sys_error_handler\nvenus_remove |\nhfi_destroy\t \t\t |\nvenus_hfi_destroy\t |\nkfree(hdev);\t |\n |hfi_reinit\n\t\t\t\t\t |venus_hfi_queues_reinit\n |//use hdev\n\nFix it by canceling the work in venus_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49981", url: "https://www.suse.com/security/cve/CVE-2024-49981", }, { category: "external", summary: "SUSE Bug 1232098 for CVE-2024-49981", url: "https://bugzilla.suse.com/1232098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49981", }, { cve: "CVE-2024-49982", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49982", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in more places\n\nFor fixing CVE-2023-6270, f98364e92662 (\"aoe: fix the potential\nuse-after-free problem in aoecmd_cfg_pkts\") makes tx() calling dev_put()\ninstead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs\ninto use-after-free.\n\nThen Nicolai Stange found more places in aoe have potential use-after-free\nproblem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe()\nand aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push\npacket to tx queue. So they should also use dev_hold() to increase the\nrefcnt of skb->dev.\n\nOn the other hand, moving dev_put() to tx() causes that the refcnt of\nskb->dev be reduced to a negative value, because corresponding\ndev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(),\nprobe(), and aoecmd_cfg_rsp(). This patch fixed this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49982", url: "https://www.suse.com/security/cve/CVE-2024-49982", }, { category: "external", summary: "SUSE Bug 1232097 for CVE-2024-49982", url: "https://bugzilla.suse.com/1232097", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49982", }, { cve: "CVE-2024-49983", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49983", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free\n\nWhen calling ext4_force_split_extent_at() in ext4_ext_replay_update_ex(),\nthe 'ppath' is updated but it is the 'path' that is freed, thus potentially\ntriggering a double-free in the following process:\n\next4_ext_replay_update_ex\n ppath = path\n ext4_force_split_extent_at(&ppath)\n ext4_split_extent_at\n ext4_ext_insert_extent\n ext4_ext_create_new_leaf\n ext4_ext_grow_indepth\n ext4_find_extent\n if (depth > path[0].p_maxdepth)\n kfree(path) ---> path First freed\n *orig_path = path = NULL ---> null ppath\n kfree(path) ---> path double-free !!!\n\nSo drop the unnecessary ppath and use path directly to avoid this problem.\nAnd use ext4_find_extent() directly to update path, avoiding unnecessary\nmemory allocation and freeing. Also, propagate the error returned by\next4_find_extent() instead of using strange error codes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49983", url: "https://www.suse.com/security/cve/CVE-2024-49983", }, { category: "external", summary: "SUSE Bug 1232096 for CVE-2024-49983", url: "https://bugzilla.suse.com/1232096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49983", }, { cve: "CVE-2024-49984", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49984", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Prevent out of bounds access in performance query extensions\n\nCheck that the number of perfmons userspace is passing in the copy and\nreset extensions is not greater than the internal kernel storage where\nthe ids will be copied into.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49984", url: "https://www.suse.com/security/cve/CVE-2024-49984", }, { category: "external", summary: "SUSE Bug 1232095 for CVE-2024-49984", url: "https://bugzilla.suse.com/1232095", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49984", }, { cve: "CVE-2024-49985", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49985", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume\n\nIn case there is any sort of clock controller attached to this I2C bus\ncontroller, for example Versaclock or even an AIC32x4 I2C codec, then\nan I2C transfer triggered from the clock controller clk_ops .prepare\ncallback may trigger a deadlock on drivers/clk/clk.c prepare_lock mutex.\n\nThis is because the clock controller first grabs the prepare_lock mutex\nand then performs the prepare operation, including its I2C access. The\nI2C access resumes this I2C bus controller via .runtime_resume callback,\nwhich calls clk_prepare_enable(), which attempts to grab the prepare_lock\nmutex again and deadlocks.\n\nSince the clock are already prepared since probe() and unprepared in\nremove(), use simple clk_enable()/clk_disable() calls to enable and\ndisable the clock on runtime suspend and resume, to avoid hitting the\nprepare_lock mutex.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49985", url: "https://www.suse.com/security/cve/CVE-2024-49985", }, { category: "external", summary: "SUSE Bug 1232094 for CVE-2024-49985", url: "https://bugzilla.suse.com/1232094", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49985", }, { cve: "CVE-2024-49986", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49986", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors\n\nx86_android_tablet_remove() frees the pdevs[] array, so it should not\nbe used after calling x86_android_tablet_remove().\n\nWhen platform_device_register() fails, store the pdevs[x] PTR_ERR() value\ninto the local ret variable before calling x86_android_tablet_remove()\nto avoid using pdevs[] after it has been freed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49986", url: "https://www.suse.com/security/cve/CVE-2024-49986", }, { category: "external", summary: "SUSE Bug 1232093 for CVE-2024-49986", url: "https://bugzilla.suse.com/1232093", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49986", }, { cve: "CVE-2024-49987", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49987", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpftool: Fix undefined behavior in qsort(NULL, 0, ...)\n\nWhen netfilter has no entry to display, qsort is called with\nqsort(NULL, 0, ...). This results in undefined behavior, as UBSan\nreports:\n\nnet.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null\n\nAlthough the C standard does not explicitly state whether calling qsort\nwith a NULL pointer when the size is 0 constitutes undefined behavior,\nSection 7.1.4 of the C standard (Use of library functions) mentions:\n\n\"Each of the following statements applies unless explicitly stated\notherwise in the detailed descriptions that follow: If an argument to a\nfunction has an invalid value (such as a value outside the domain of\nthe function, or a pointer outside the address space of the program, or\na null pointer, or a pointer to non-modifiable storage when the\ncorresponding parameter is not const-qualified) or a type (after\npromotion) not expected by a function with variable number of\narguments, the behavior is undefined.\"\n\nTo avoid this, add an early return when nf_link_info is NULL to prevent\ncalling qsort with a NULL pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49987", url: "https://www.suse.com/security/cve/CVE-2024-49987", }, { category: "external", summary: "SUSE Bug 1232258 for CVE-2024-49987", url: "https://bugzilla.suse.com/1232258", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49987", }, { cve: "CVE-2024-49988", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49988", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: add refcnt to ksmbd_conn struct\n\nWhen sending an oplock break request, opinfo->conn is used,\nBut freed ->conn can be used on multichannel.\nThis patch add a reference count to the ksmbd_conn struct\nso that it can be freed when it is no longer used.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49988", url: "https://www.suse.com/security/cve/CVE-2024-49988", }, { category: "external", summary: "SUSE Bug 1232482 for CVE-2024-49988", url: "https://bugzilla.suse.com/1232482", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49988", }, { cve: "CVE-2024-49989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49989", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix double free issue during amdgpu module unload\n\nFlexible endpoints use DIGs from available inflexible endpoints,\nso only the encoders of inflexible links need to be freed.\nOtherwise, a double free issue may occur when unloading the\namdgpu module.\n\n[ 279.190523] RIP: 0010:__slab_free+0x152/0x2f0\n[ 279.190577] Call Trace:\n[ 279.190580] <TASK>\n[ 279.190582] ? show_regs+0x69/0x80\n[ 279.190590] ? die+0x3b/0x90\n[ 279.190595] ? do_trap+0xc8/0xe0\n[ 279.190601] ? do_error_trap+0x73/0xa0\n[ 279.190605] ? __slab_free+0x152/0x2f0\n[ 279.190609] ? exc_invalid_op+0x56/0x70\n[ 279.190616] ? __slab_free+0x152/0x2f0\n[ 279.190642] ? asm_exc_invalid_op+0x1f/0x30\n[ 279.190648] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu]\n[ 279.191096] ? __slab_free+0x152/0x2f0\n[ 279.191102] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu]\n[ 279.191469] kfree+0x260/0x2b0\n[ 279.191474] dcn10_link_encoder_destroy+0x19/0x30 [amdgpu]\n[ 279.191821] link_destroy+0xd7/0x130 [amdgpu]\n[ 279.192248] dc_destruct+0x90/0x270 [amdgpu]\n[ 279.192666] dc_destroy+0x19/0x40 [amdgpu]\n[ 279.193020] amdgpu_dm_fini+0x16e/0x200 [amdgpu]\n[ 279.193432] dm_hw_fini+0x26/0x40 [amdgpu]\n[ 279.193795] amdgpu_device_fini_hw+0x24c/0x400 [amdgpu]\n[ 279.194108] amdgpu_driver_unload_kms+0x4f/0x70 [amdgpu]\n[ 279.194436] amdgpu_pci_remove+0x40/0x80 [amdgpu]\n[ 279.194632] pci_device_remove+0x3a/0xa0\n[ 279.194638] device_remove+0x40/0x70\n[ 279.194642] device_release_driver_internal+0x1ad/0x210\n[ 279.194647] driver_detach+0x4e/0xa0\n[ 279.194650] bus_remove_driver+0x6f/0xf0\n[ 279.194653] driver_unregister+0x33/0x60\n[ 279.194657] pci_unregister_driver+0x44/0x90\n[ 279.194662] amdgpu_exit+0x19/0x1f0 [amdgpu]\n[ 279.194939] __do_sys_delete_module.isra.0+0x198/0x2f0\n[ 279.194946] __x64_sys_delete_module+0x16/0x20\n[ 279.194950] do_syscall_64+0x58/0x120\n[ 279.194954] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[ 279.194980] </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49989", url: "https://www.suse.com/security/cve/CVE-2024-49989", }, { category: "external", summary: "SUSE Bug 1232483 for CVE-2024-49989", url: "https://bugzilla.suse.com/1232483", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49989", }, { cve: "CVE-2024-49990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49990", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/hdcp: Check GSC structure validity\n\nSometimes xe_gsc is not initialized when checked at HDCP capability\ncheck. Add gsc structure check to avoid null pointer error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49990", url: "https://www.suse.com/security/cve/CVE-2024-49990", }, { category: "external", summary: "SUSE Bug 1232484 for CVE-2024-49990", url: "https://bugzilla.suse.com/1232484", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49990", }, { cve: "CVE-2024-49991", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49991", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer\n\nPass pointer reference to amdgpu_bo_unref to clear the correct pointer,\notherwise amdgpu_bo_unref clear the local variable, the original pointer\nnot set to NULL, this could cause use-after-free bug.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49991", url: "https://www.suse.com/security/cve/CVE-2024-49991", }, { category: "external", summary: "SUSE Bug 1232282 for CVE-2024-49991", url: "https://bugzilla.suse.com/1232282", }, { category: "external", summary: "SUSE Bug 1232284 for CVE-2024-49991", url: "https://bugzilla.suse.com/1232284", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49991", }, { cve: "CVE-2024-49992", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49992", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/stm: Avoid use-after-free issues with crtc and plane\n\nltdc_load() calls functions drm_crtc_init_with_planes(),\ndrm_universal_plane_init() and drm_encoder_init(). These functions\nshould not be called with parameters allocated with devm_kzalloc()\nto avoid use-after-free issues [1].\n\nUse allocations managed by the DRM framework.\n\nFound by Linux Verification Center (linuxtesting.org).\n\n[1]\nhttps://lore.kernel.org/lkml/u366i76e3qhh3ra5oxrtngjtm2u5lterkekcz6y2jkndhuxzli@diujon4h7qwb/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49992", url: "https://www.suse.com/security/cve/CVE-2024-49992", }, { category: "external", summary: "SUSE Bug 1232430 for CVE-2024-49992", url: "https://bugzilla.suse.com/1232430", }, { category: "external", summary: "SUSE Bug 1232431 for CVE-2024-49992", url: "https://bugzilla.suse.com/1232431", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-49992", }, { cve: "CVE-2024-49994", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49994", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49994", url: "https://www.suse.com/security/cve/CVE-2024-49994", }, { category: "external", summary: "SUSE Bug 1237757 for CVE-2024-49994", url: "https://bugzilla.suse.com/1237757", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49994", }, { cve: "CVE-2024-49995", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49995", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: guard against string buffer overrun\n\nSmatch reports that copying media_name and if_name to name_parts may\noverwrite the destination.\n\n .../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' too large for 'name_parts->media_name' (32 vs 16)\n .../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' too large for 'name_parts->if_name' (1010102 vs 16)\n\nThis does seem to be the case so guard against this possibility by using\nstrscpy() and failing if truncation occurs.\n\nIntroduced by commit b97bf3fd8f6a (\"[TIPC] Initial merge\")\n\nCompile tested only.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49995", url: "https://www.suse.com/security/cve/CVE-2024-49995", }, { category: "external", summary: "SUSE Bug 1232432 for CVE-2024-49995", url: "https://bugzilla.suse.com/1232432", }, { category: "external", summary: "SUSE Bug 1232433 for CVE-2024-49995", url: "https://bugzilla.suse.com/1232433", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49995", }, { cve: "CVE-2024-49996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49996", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix buffer overflow when parsing NFS reparse points\n\nReparseDataLength is sum of the InodeType size and DataBuffer size.\nSo to get DataBuffer size it is needed to subtract InodeType's size from\nReparseDataLength.\n\nFunction cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer\nat position after the end of the buffer because it does not subtract\nInodeType size from the length. Fix this problem and correctly subtract\nvariable len.\n\nMember InodeType is present only when reparse buffer is large enough. Check\nfor ReparseDataLength before accessing InodeType to prevent another invalid\nmemory access.\n\nMajor and minor rdev values are present also only when reparse buffer is\nlarge enough. Check for reparse buffer size before calling reparse_mkdev().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49996", url: "https://www.suse.com/security/cve/CVE-2024-49996", }, { category: "external", summary: "SUSE Bug 1232089 for CVE-2024-49996", url: "https://bugzilla.suse.com/1232089", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49996", }, { cve: "CVE-2024-49997", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49997", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: lantiq_etop: fix memory disclosure\n\nWhen applying padding, the buffer is not zeroed, which results in memory\ndisclosure. The mentioned data is observed on the wire. This patch uses\nskb_put_padto() to pad Ethernet frames properly. The mentioned function\nzeroes the expanded buffer.\n\nIn case the packet cannot be padded it is silently dropped. Statistics\nare also not incremented. This driver does not support statistics in the\nold 32-bit format or the new 64-bit format. These will be added in the\nfuture. In its current form, the patch should be easily backported to\nstable versions.\n\nEthernet MACs on Amazon-SE and Danube cannot do padding of the packets\nin hardware, so software padding must be applied.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49997", url: "https://www.suse.com/security/cve/CVE-2024-49997", }, { category: "external", summary: "SUSE Bug 1232088 for CVE-2024-49997", url: "https://bugzilla.suse.com/1232088", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49997", }, { cve: "CVE-2024-49998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49998", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: improve shutdown sequence\n\nAlexander Sverdlin presents 2 problems during shutdown with the\nlan9303 driver. One is specific to lan9303 and the other just happens\nto reproduce there.\n\nThe first problem is that lan9303 is unique among DSA drivers in that it\ncalls dev_get_drvdata() at \"arbitrary runtime\" (not probe, not shutdown,\nnot remove):\n\nphy_state_machine()\n-> ...\n -> dsa_user_phy_read()\n -> ds->ops->phy_read()\n -> lan9303_phy_read()\n -> chip->ops->phy_read()\n -> lan9303_mdio_phy_read()\n -> dev_get_drvdata()\n\nBut we never stop the phy_state_machine(), so it may continue to run\nafter dsa_switch_shutdown(). Our common pattern in all DSA drivers is\nto set drvdata to NULL to suppress the remove() method that may come\nafterwards. But in this case it will result in an NPD.\n\nThe second problem is that the way in which we set\ndp->conduit->dsa_ptr = NULL; is concurrent with receive packet\nprocessing. dsa_switch_rcv() checks once whether dev->dsa_ptr is NULL,\nbut afterwards, rather than continuing to use that non-NULL value,\ndev->dsa_ptr is dereferenced again and again without NULL checks:\ndsa_conduit_find_user() and many other places. In between dereferences,\nthere is no locking to ensure that what was valid once continues to be\nvalid.\n\nBoth problems have the common aspect that closing the conduit interface\nsolves them.\n\nIn the first case, dev_close(conduit) triggers the NETDEV_GOING_DOWN\nevent in dsa_user_netdevice_event() which closes user ports as well.\ndsa_port_disable_rt() calls phylink_stop(), which synchronously stops\nthe phylink state machine, and ds->ops->phy_read() will thus no longer\ncall into the driver after this point.\n\nIn the second case, dev_close(conduit) should do this, as per\nDocumentation/networking/driver.rst:\n\n| Quiescence\n| ----------\n|\n| After the ndo_stop routine has been called, the hardware must\n| not receive or transmit any data. All in flight packets must\n| be aborted. If necessary, poll or wait for completion of\n| any reset commands.\n\nSo it should be sufficient to ensure that later, when we zeroize\nconduit->dsa_ptr, there will be no concurrent dsa_switch_rcv() call\non this conduit.\n\nThe addition of the netif_device_detach() function is to ensure that\nioctls, rtnetlinks and ethtool requests on the user ports no longer\npropagate down to the driver - we're no longer prepared to handle them.\n\nThe race condition actually did not exist when commit 0650bf52b31f\n(\"net: dsa: be compatible with masters which unregister on shutdown\")\nfirst introduced dsa_switch_shutdown(). It was created later, when we\nstopped unregistering the user interfaces from a bad spot, and we just\nreplaced that sequence with a racy zeroization of conduit->dsa_ptr\n(one which doesn't ensure that the interfaces aren't up).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49998", url: "https://www.suse.com/security/cve/CVE-2024-49998", }, { category: "external", summary: "SUSE Bug 1232087 for CVE-2024-49998", url: "https://bugzilla.suse.com/1232087", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49998", }, { cve: "CVE-2024-49999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49999", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix the setting of the server responding flag\n\nIn afs_wait_for_operation(), we set transcribe the call responded flag to\nthe server record that we used after doing the fileserver iteration loop -\nbut it's possible to exit the loop having had a response from the server\nthat we've discarded (e.g. it returned an abort or we started receiving\ndata, but the call didn't complete).\n\nThis means that op->server might be NULL, but we don't check that before\nattempting to set the server flag.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49999", url: "https://www.suse.com/security/cve/CVE-2024-49999", }, { category: "external", summary: "SUSE Bug 1232086 for CVE-2024-49999", url: "https://bugzilla.suse.com/1232086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49999", }, { cve: "CVE-2024-50000", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50000", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc()\n\nIn mlx5e_tir_builder_alloc() kvzalloc() may return NULL\nwhich is dereferenced on the next line in a reference\nto the modify field.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50000", url: "https://www.suse.com/security/cve/CVE-2024-50000", }, { category: "external", summary: "SUSE Bug 1232085 for CVE-2024-50000", url: "https://bugzilla.suse.com/1232085", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50000", }, { cve: "CVE-2024-50001", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50001", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix error path in multi-packet WQE transmit\n\nRemove the erroneous unmap in case no DMA mapping was established\n\nThe multi-packet WQE transmit code attempts to obtain a DMA mapping for\nthe skb. This could fail, e.g. under memory pressure, when the IOMMU\ndriver just can't allocate more memory for page tables. While the code\ntries to handle this in the path below the err_unmap label it erroneously\nunmaps one entry from the sq's FIFO list of active mappings. Since the\ncurrent map attempt failed this unmap is removing some random DMA mapping\nthat might still be required. If the PCI function now presents that IOVA,\nthe IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI\nfunction in error state.\n\nThe erroneous behavior was seen in a stress-test environment that created\nmemory pressure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50001", url: "https://www.suse.com/security/cve/CVE-2024-50001", }, { category: "external", summary: "SUSE Bug 1232084 for CVE-2024-50001", url: "https://bugzilla.suse.com/1232084", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50001", }, { cve: "CVE-2024-50002", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50002", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nstatic_call: Handle module init failure correctly in static_call_del_module()\n\nModule insertion invokes static_call_add_module() to initialize the static\ncalls in a module. static_call_add_module() invokes __static_call_init(),\nwhich allocates a struct static_call_mod to either encapsulate the built-in\nstatic call sites of the associated key into it so further modules can be\nadded or to append the module to the module chain.\n\nIf that allocation fails the function returns with an error code and the\nmodule core invokes static_call_del_module() to clean up eventually added\nstatic_call_mod entries.\n\nThis works correctly, when all keys used by the module were converted over\nto a module chain before the failure. If not then static_call_del_module()\ncauses a #GP as it blindly assumes that key::mods points to a valid struct\nstatic_call_mod.\n\nThe problem is that key::mods is not a individual struct member of struct\nstatic_call_key, it's part of a union to save space:\n\n union {\n /* bit 0: 0 = mods, 1 = sites */\n unsigned long type;\n struct static_call_mod *mods;\n struct static_call_site *sites;\n\t};\n\nkey::sites is a pointer to the list of built-in usage sites of the static\ncall. The type of the pointer is differentiated by bit 0. A mods pointer\nhas the bit clear, the sites pointer has the bit set.\n\nAs static_call_del_module() blidly assumes that the pointer is a valid\nstatic_call_mod type, it fails to check for this failure case and\ndereferences the pointer to the list of built-in call sites, which is\nobviously bogus.\n\nCure it by checking whether the key has a sites or a mods pointer.\n\nIf it's a sites pointer then the key is not to be touched. As the sites are\nwalked in the same order as in __static_call_init() the site walk can be\nterminated because all subsequent sites have not been touched by the init\ncode due to the error exit.\n\nIf it was converted before the allocation fail, then the inner loop which\nsearches for a module match will find nothing.\n\nA fail in the second allocation in __static_call_init() is harmless and\ndoes not require special treatment. The first allocation succeeded and\nconverted the key to a module chain. That first entry has mod::mod == NULL\nand mod::next == NULL, so the inner loop of static_call_del_module() will\nneither find a module match nor a module chain. The next site in the walk\nwas either already converted, but can't match the module, or it will exit\nthe outer loop because it has a static_call_site pointer and not a\nstatic_call_mod pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50002", url: "https://www.suse.com/security/cve/CVE-2024-50002", }, { category: "external", summary: "SUSE Bug 1232083 for CVE-2024-50002", url: "https://bugzilla.suse.com/1232083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50002", }, { cve: "CVE-2024-50003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50003", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix system hang while resume with TBT monitor\n\n[Why]\nConnected with a Thunderbolt monitor and do the suspend and the system\nmay hang while resume.\n\nThe TBT monitor HPD will be triggered during the resume procedure\nand call the drm_client_modeset_probe() while\nstruct drm_connector connector->dev->master is NULL.\n\nIt will mess up the pipe topology after resume.\n\n[How]\nSkip the TBT monitor HPD during the resume procedure because we\ncurrently will probe the connectors after resume by default.\n\n(cherry picked from commit 453f86a26945207a16b8f66aaed5962dc2b95b85)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50003", url: "https://www.suse.com/security/cve/CVE-2024-50003", }, { category: "external", summary: "SUSE Bug 1232385 for CVE-2024-50003", url: "https://bugzilla.suse.com/1232385", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50003", }, { cve: "CVE-2024-50004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50004", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35\n\n[WHY & HOW]\nMismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause\ngrey screen and system hang. Remove EnhancedPrefetchScheduleAccelerationFinal value override\nto match HW spec.\n\n(cherry picked from commit 9dad21f910fcea2bdcff4af46159101d7f9cd8ba)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50004", url: "https://www.suse.com/security/cve/CVE-2024-50004", }, { category: "external", summary: "SUSE Bug 1232396 for CVE-2024-50004", url: "https://bugzilla.suse.com/1232396", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50004", }, { cve: "CVE-2024-50005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50005", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: Fix potential RCU dereference issue in mac802154_scan_worker\n\nIn the `mac802154_scan_worker` function, the `scan_req->type` field was\naccessed after the RCU read-side critical section was unlocked. According\nto RCU usage rules, this is illegal and can lead to unpredictable\nbehavior, such as accessing memory that has been updated or causing\nuse-after-free issues.\n\nThis possible bug was identified using a static analysis tool developed\nby myself, specifically designed to detect RCU-related issues.\n\nTo address this, the `scan_req->type` value is now stored in a local\nvariable `scan_req_type` while still within the RCU read-side critical\nsection. The `scan_req_type` is then used after the RCU lock is released,\nensuring that the type value is safely accessed without violating RCU\nrules.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50005", url: "https://www.suse.com/security/cve/CVE-2024-50005", }, { category: "external", summary: "SUSE Bug 1232082 for CVE-2024-50005", url: "https://bugzilla.suse.com/1232082", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50005", }, { cve: "CVE-2024-50006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50006", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix i_data_sem unlock order in ext4_ind_migrate()\n\nFuzzing reports a possible deadlock in jbd2_log_wait_commit.\n\nThis issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require\nsynchronous updates because the file descriptor is opened with O_SYNC.\nThis can lead to the jbd2_journal_stop() function calling\njbd2_might_wait_for_commit(), potentially causing a deadlock if the\nEXT4_IOC_MIGRATE call races with a write(2) system call.\n\nThis problem only arises when CONFIG_PROVE_LOCKING is enabled. In this\ncase, the jbd2_might_wait_for_commit macro locks jbd2_handle in the\njbd2_journal_stop function while i_data_sem is locked. This triggers\nlockdep because the jbd2_journal_start function might also lock the same\njbd2_handle simultaneously.\n\nFound by Linux Verification Center (linuxtesting.org) with syzkaller.\n\nRule: add", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50006", url: "https://www.suse.com/security/cve/CVE-2024-50006", }, { category: "external", summary: "SUSE Bug 1232442 for CVE-2024-50006", url: "https://bugzilla.suse.com/1232442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50006", }, { cve: "CVE-2024-50007", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50007", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: asihpi: Fix potential OOB array access\n\nASIHPI driver stores some values in the static array upon a response\nfrom the driver, and its index depends on the firmware. We shouldn't\ntrust it blindly.\n\nThis patch adds a sanity check of the array index to fit in the array\nsize.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50007", url: "https://www.suse.com/security/cve/CVE-2024-50007", }, { category: "external", summary: "SUSE Bug 1232394 for CVE-2024-50007", url: "https://bugzilla.suse.com/1232394", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50007", }, { cve: "CVE-2024-50008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50008", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext()\n\nReplace one-element array with a flexible-array member in\n`struct host_cmd_ds_802_11_scan_ext`.\n\nWith this, fix the following warning:\n\nelo 16 17:51:58 surfacebook kernel: ------------[ cut here ]------------\nelo 16 17:51:58 surfacebook kernel: memcpy: detected field-spanning write (size 243) of single field \"ext_scan->tlv_buffer\" at drivers/net/wireless/marvell/mwifiex/scan.c:2239 (size 1)\nelo 16 17:51:58 surfacebook kernel: WARNING: CPU: 0 PID: 498 at drivers/net/wireless/marvell/mwifiex/scan.c:2239 mwifiex_cmd_802_11_scan_ext+0x83/0x90 [mwifiex]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50008", url: "https://www.suse.com/security/cve/CVE-2024-50008", }, { category: "external", summary: "SUSE Bug 1232317 for CVE-2024-50008", url: "https://bugzilla.suse.com/1232317", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-50008", }, { cve: "CVE-2024-50009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50009", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: amd-pstate: add check for cpufreq_cpu_get's return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50009", url: "https://www.suse.com/security/cve/CVE-2024-50009", }, { category: "external", summary: "SUSE Bug 1232318 for CVE-2024-50009", url: "https://bugzilla.suse.com/1232318", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50009", }, { cve: "CVE-2024-50010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50010", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nexec: don't WARN for racy path_noexec check\n\nBoth i_mode and noexec checks wrapped in WARN_ON stem from an artifact\nof the previous implementation. They used to legitimately check for the\ncondition, but that got moved up in two commits:\n633fb6ac3980 (\"exec: move S_ISREG() check earlier\")\n0fd338b2d2cd (\"exec: move path_noexec() check earlier\")\n\nInstead of being removed said checks are WARN_ON'ed instead, which\nhas some debug value.\n\nHowever, the spurious path_noexec check is racy, resulting in\nunwarranted warnings should someone race with setting the noexec flag.\n\nOne can note there is more to perm-checking whether execve is allowed\nand none of the conditions are guaranteed to still hold after they were\ntested for.\n\nAdditionally this does not validate whether the code path did any perm\nchecking to begin with -- it will pass if the inode happens to be\nregular.\n\nKeep the redundant path_noexec() check even though it's mindless\nnonsense checking for guarantee that isn't given so drop the WARN.\n\nReword the commentary and do small tidy ups while here.\n\n[brauner: keep redundant path_noexec() check]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50010", url: "https://www.suse.com/security/cve/CVE-2024-50010", }, { category: "external", summary: "SUSE Bug 1232388 for CVE-2024-50010", url: "https://bugzilla.suse.com/1232388", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50010", }, { cve: "CVE-2024-50011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50011", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item\n\nThere is no links_num in struct snd_soc_acpi_mach {}, and we test\n!link->num_adr as a condition to end the loop in hda_sdw_machine_select().\nSo an empty item in struct snd_soc_acpi_link_adr array is required.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50011", url: "https://www.suse.com/security/cve/CVE-2024-50011", }, { category: "external", summary: "SUSE Bug 1232081 for CVE-2024-50011", url: "https://bugzilla.suse.com/1232081", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50011", }, { cve: "CVE-2024-50012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50012", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: Avoid a bad reference count on CPU node\n\nIn the parse_perf_domain function, if the call to\nof_parse_phandle_with_args returns an error, then the reference to the\nCPU device node that was acquired at the start of the function would not\nbe properly decremented.\n\nAddress this by declaring the variable with the __free(device_node)\ncleanup attribute.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50012", url: "https://www.suse.com/security/cve/CVE-2024-50012", }, { category: "external", summary: "SUSE Bug 1232386 for CVE-2024-50012", url: "https://bugzilla.suse.com/1232386", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50012", }, { cve: "CVE-2024-50013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50013", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix memory leak in exfat_load_bitmap()\n\nIf the first directory entry in the root directory is not a bitmap\ndirectory entry, 'bh' will not be released and reassigned, which\nwill cause a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50013", url: "https://www.suse.com/security/cve/CVE-2024-50013", }, { category: "external", summary: "SUSE Bug 1232080 for CVE-2024-50013", url: "https://bugzilla.suse.com/1232080", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50013", }, { cve: "CVE-2024-50014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50014", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix access to uninitialised lock in fc replay path\n\nThe following kernel trace can be triggered with fstest generic/629 when\nexecuted against a filesystem with fast-commit feature enabled:\n\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn't initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014\nCall Trace:\n <TASK>\n dump_stack_lvl+0x66/0x90\n register_lock_class+0x759/0x7d0\n __lock_acquire+0x85/0x2630\n ? __find_get_block+0xb4/0x380\n lock_acquire+0xd1/0x2d0\n ? __ext4_journal_get_write_access+0xd5/0x160\n _raw_spin_lock+0x33/0x40\n ? __ext4_journal_get_write_access+0xd5/0x160\n __ext4_journal_get_write_access+0xd5/0x160\n ext4_reserve_inode_write+0x61/0xb0\n __ext4_mark_inode_dirty+0x79/0x270\n ? ext4_ext_replay_set_iblocks+0x2f8/0x450\n ext4_ext_replay_set_iblocks+0x330/0x450\n ext4_fc_replay+0x14c8/0x1540\n ? jread+0x88/0x2e0\n ? rcu_is_watching+0x11/0x40\n do_one_pass+0x447/0xd00\n jbd2_journal_recover+0x139/0x1b0\n jbd2_journal_load+0x96/0x390\n ext4_load_and_init_journal+0x253/0xd40\n ext4_fill_super+0x2cc6/0x3180\n...\n\nIn the replay path there's an attempt to lock sbi->s_bdev_wb_lock in\nfunction ext4_check_bdev_write_error(). Unfortunately, at this point this\nspinlock has not been initialized yet. Moving it's initialization to an\nearlier point in __ext4_fill_super() fixes this splat.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50014", url: "https://www.suse.com/security/cve/CVE-2024-50014", }, { category: "external", summary: "SUSE Bug 1232446 for CVE-2024-50014", url: "https://bugzilla.suse.com/1232446", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50014", }, { cve: "CVE-2024-50015", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50015", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: dax: fix overflowing extents beyond inode size when partially writing\n\nThe dax_iomap_rw() does two things in each iteration: map written blocks\nand copy user data to blocks. If the process is killed by user(See signal\nhandling in dax_iomap_iter()), the copied data will be returned and added\non inode size, which means that the length of written extents may exceed\nthe inode size, then fsck will fail. An example is given as:\n\ndd if=/dev/urandom of=file bs=4M count=1\n dax_iomap_rw\n iomap_iter // round 1\n ext4_iomap_begin\n ext4_iomap_alloc // allocate 0~2M extents(written flag)\n dax_iomap_iter // copy 2M data\n iomap_iter // round 2\n iomap_iter_advance\n iter->pos += iter->processed // iter->pos = 2M\n ext4_iomap_begin\n ext4_iomap_alloc // allocate 2~4M extents(written flag)\n dax_iomap_iter\n fatal_signal_pending\n done = iter->pos - iocb->ki_pos // done = 2M\n ext4_handle_inode_extension\n ext4_update_inode_size // inode size = 2M\n\nfsck reports: Inode 13, i_size is 2097152, should be 4194304. Fix?\n\nFix the problem by truncating extents if the written length is smaller\nthan expected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50015", url: "https://www.suse.com/security/cve/CVE-2024-50015", }, { category: "external", summary: "SUSE Bug 1232079 for CVE-2024-50015", url: "https://bugzilla.suse.com/1232079", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50015", }, { cve: "CVE-2024-50016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50016", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid overflow assignment in link_dp_cts\n\nsampling_rate is an uint8_t but is assigned an unsigned int, and thus it\ncan overflow. As a result, sampling_rate is changed to uint32_t.\n\nSimilarly, LINK_QUAL_PATTERN_SET has a size of 2 bits, and it should\nonly be assigned to a value less or equal than 4.\n\nThis fixes 2 INTEGER_OVERFLOW issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50016", url: "https://www.suse.com/security/cve/CVE-2024-50016", }, { category: "external", summary: "SUSE Bug 1232420 for CVE-2024-50016", url: "https://bugzilla.suse.com/1232420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50016", }, { cve: "CVE-2024-50017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50017", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/ident_map: Use gbpages only where full GB page should be mapped.\n\nWhen ident_pud_init() uses only GB pages to create identity maps, large\nranges of addresses not actually requested can be included in the resulting\ntable; a 4K request will map a full GB. This can include a lot of extra\naddress space past that requested, including areas marked reserved by the\nBIOS. That allows processor speculation into reserved regions, that on UV\nsystems can cause system halts.\n\nOnly use GB pages when map creation requests include the full GB page of\nspace. Fall back to using smaller 2M pages when only portions of a GB page\nare included in the request.\n\nNo attempt is made to coalesce mapping requests. If a request requires a\nmap entry at the 2M (pmd) level, subsequent mapping requests within the\nsame 1G region will also be at the pmd level, even if adjacent or\noverlapping such requests could have been combined to map a full GB page.\nExisting usage starts with larger regions and then adds smaller regions, so\nthis should not have any great consequence.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50017", url: "https://www.suse.com/security/cve/CVE-2024-50017", }, { category: "external", summary: "SUSE Bug 1232312 for CVE-2024-50017", url: "https://bugzilla.suse.com/1232312", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50017", }, { cve: "CVE-2024-50018", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50018", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50018", url: "https://www.suse.com/security/cve/CVE-2024-50018", }, { category: "external", summary: "SUSE Bug 1232419 for CVE-2024-50018", url: "https://bugzilla.suse.com/1232419", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-50018", }, { cve: "CVE-2024-50019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50019", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nkthread: unpark only parked kthread\n\nCalling into kthread unparking unconditionally is mostly harmless when\nthe kthread is already unparked. The wake up is then simply ignored\nbecause the target is not in TASK_PARKED state.\n\nHowever if the kthread is per CPU, the wake up is preceded by a call\nto kthread_bind() which expects the task to be inactive and in\nTASK_PARKED state, which obviously isn't the case if it is unparked.\n\nAs a result, calling kthread_stop() on an unparked per-cpu kthread\ntriggers such a warning:\n\n\tWARNING: CPU: 0 PID: 11 at kernel/kthread.c:525 __kthread_bind_mask kernel/kthread.c:525\n\t <TASK>\n\t kthread_stop+0x17a/0x630 kernel/kthread.c:707\n\t destroy_workqueue+0x136/0xc40 kernel/workqueue.c:5810\n\t wg_destruct+0x1e2/0x2e0 drivers/net/wireguard/device.c:257\n\t netdev_run_todo+0xe1a/0x1000 net/core/dev.c:10693\n\t default_device_exit_batch+0xa14/0xa90 net/core/dev.c:11769\n\t ops_exit_list net/core/net_namespace.c:178 [inline]\n\t cleanup_net+0x89d/0xcc0 net/core/net_namespace.c:640\n\t process_one_work kernel/workqueue.c:3231 [inline]\n\t process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312\n\t worker_thread+0x86d/0xd70 kernel/workqueue.c:3393\n\t kthread+0x2f0/0x390 kernel/kthread.c:389\n\t ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n\t ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\t </TASK>\n\nFix this with skipping unecessary unparking while stopping a kthread.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50019", url: "https://www.suse.com/security/cve/CVE-2024-50019", }, { category: "external", summary: "SUSE Bug 1231990 for CVE-2024-50019", url: "https://bugzilla.suse.com/1231990", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50019", }, { cve: "CVE-2024-50020", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50020", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count()\n\nThis patch addresses an issue with improper reference count handling in the\nice_sriov_set_msix_vec_count() function.\n\nFirst, the function calls ice_get_vf_by_id(), which increments the\nreference count of the vf pointer. If the subsequent call to\nice_get_vf_vsi() fails, the function currently returns an error without\ndecrementing the reference count of the vf pointer, leading to a reference\ncount leak. The correct behavior, as implemented in this patch, is to\ndecrement the reference count using ice_put_vf(vf) before returning an\nerror when vsi is NULL.\n\nSecond, the function calls ice_sriov_get_irqs(), which sets\nvf->first_vector_idx. If this call returns a negative value, indicating an\nerror, the function returns an error without decrementing the reference\ncount of the vf pointer, resulting in another reference count leak. The\npatch addresses this by adding a call to ice_put_vf(vf) before returning\nan error when vf->first_vector_idx < 0.\n\nThis bug was identified by an experimental static analysis tool developed\nby our team. The tool specializes in analyzing reference count operations\nand identifying potential mismanagement of reference counts. In this case,\nthe tool flagged the missing decrement operation as a potential issue,\nleading to this patch.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50020", url: "https://www.suse.com/security/cve/CVE-2024-50020", }, { category: "external", summary: "SUSE Bug 1231989 for CVE-2024-50020", url: "https://bugzilla.suse.com/1231989", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50020", }, { cve: "CVE-2024-50021", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50021", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix improper handling of refcount in ice_dpll_init_rclk_pins()\n\nThis patch addresses a reference count handling issue in the\nice_dpll_init_rclk_pins() function. The function calls ice_dpll_get_pins(),\nwhich increments the reference count of the relevant resources. However,\nif the condition WARN_ON((!vsi || !vsi->netdev)) is met, the function\ncurrently returns an error without properly releasing the resources\nacquired by ice_dpll_get_pins(), leading to a reference count leak.\n\nTo resolve this, the check has been moved to the top of the function. This\nensures that the function verifies the state before any resources are\nacquired, avoiding the need for additional resource management in the\nerror path.\n\nThis bug was identified by an experimental static analysis tool developed\nby our team. The tool specializes in analyzing reference count operations\nand detecting potential issues where resources are not properly managed.\nIn this case, the tool flagged the missing release operation as a\npotential problem, which led to the development of this patch.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50021", url: "https://www.suse.com/security/cve/CVE-2024-50021", }, { category: "external", summary: "SUSE Bug 1231957 for CVE-2024-50021", url: "https://bugzilla.suse.com/1231957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50021", }, { cve: "CVE-2024-50022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50022", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndevice-dax: correct pgoff align in dax_set_mapping()\n\npgoff should be aligned using ALIGN_DOWN() instead of ALIGN(). Otherwise,\nvmf->address not aligned to fault_size will be aligned to the next\nalignment, that can result in memory failure getting the wrong address.\n\nIt's a subtle situation that only can be observed in\npage_mapped_in_vma() after the page is page fault handled by\ndev_dax_huge_fault. Generally, there is little chance to perform\npage_mapped_in_vma in dev-dax's page unless in specific error injection\nto the dax device to trigger an MCE - memory-failure. In that case,\npage_mapped_in_vma() will be triggered to determine which task is\naccessing the failure address and kill that task in the end.\n\n\nWe used self-developed dax device (which is 2M aligned mapping) , to\nperform error injection to random address. It turned out that error\ninjected to non-2M-aligned address was causing endless MCE until panic.\nBecause page_mapped_in_vma() kept resulting wrong address and the task\naccessing the failure address was never killed properly:\n\n\n[ 3783.719419] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3784.049006] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3784.049190] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3784.448042] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3784.448186] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3784.792026] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3784.792179] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3785.162502] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3785.162633] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3785.461116] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3785.461247] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3785.764730] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3785.764859] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3786.042128] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3786.042259] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3786.464293] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3786.464423] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3786.818090] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3786.818217] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3787.085297] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3787.085424] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n\nIt took us several weeks to pinpoint this problem, but we eventually\nused bpftrace to trace the page fault and mce address and successfully\nidentified the issue.\n\n\nJoao added:\n\n; Likely we never reproduce in production because we always pin\n: device-dax regions in the region align they provide (Qemu does\n: similarly with prealloc in hugetlb/file backed memory). I think this\n: bug requires that we touch *unpinned* device-dax regions unaligned to\n: the device-dax selected alignment (page size i.e. 4K/2M/1G)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50022", url: "https://www.suse.com/security/cve/CVE-2024-50022", }, { category: "external", summary: "SUSE Bug 1231956 for CVE-2024-50022", url: "https://bugzilla.suse.com/1231956", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50022", }, { cve: "CVE-2024-50023", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50023", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Remove LED entry from LEDs list on unregister\n\nCommit c938ab4da0eb (\"net: phy: Manual remove LEDs to ensure correct\nordering\") correctly fixed a problem with using devm_ but missed\nremoving the LED entry from the LEDs list.\n\nThis cause kernel panic on specific scenario where the port for the PHY\nis torn down and up and the kmod for the PHY is removed.\n\nOn setting the port down the first time, the assosiacted LEDs are\ncorrectly unregistered. The associated kmod for the PHY is now removed.\nThe kmod is now added again and the port is now put up, the associated LED\nare registered again.\nOn putting the port down again for the second time after these step, the\nLED list now have 4 elements. With the first 2 already unregistered\npreviously and the 2 new one registered again.\n\nThis cause a kernel panic as the first 2 element should have been\nremoved.\n\nFix this by correctly removing the element when LED is unregistered.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50023", url: "https://www.suse.com/security/cve/CVE-2024-50023", }, { category: "external", summary: "SUSE Bug 1231955 for CVE-2024-50023", url: "https://bugzilla.suse.com/1231955", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50023", }, { cve: "CVE-2024-50024", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50024", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix an unsafe loop on the list\n\nThe kernel may crash when deleting a genetlink family if there are still\nlisteners for that family:\n\nOops: Kernel access of bad area, sig: 11 [#1]\n ...\n NIP [c000000000c080bc] netlink_update_socket_mc+0x3c/0xc0\n LR [c000000000c0f764] __netlink_clear_multicast_users+0x74/0xc0\n Call Trace:\n__netlink_clear_multicast_users+0x74/0xc0\ngenl_unregister_family+0xd4/0x2d0\n\nChange the unsafe loop on the list to a safe one, because inside the\nloop there is an element removal from this list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50024", url: "https://www.suse.com/security/cve/CVE-2024-50024", }, { category: "external", summary: "SUSE Bug 1231954 for CVE-2024-50024", url: "https://bugzilla.suse.com/1231954", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50024", }, { cve: "CVE-2024-50025", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50025", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: fnic: Move flush_work initialization out of if block\n\nAfter commit 379a58caa199 (\"scsi: fnic: Move fnic_fnic_flush_tx() to a\nwork queue\"), it can happen that a work item is sent to an uninitialized\nwork queue. This may has the effect that the item being queued is never\nactually queued, and any further actions depending on it will not\nproceed.\n\nThe following warning is observed while the fnic driver is loaded:\n\nkernel: WARNING: CPU: 11 PID: 0 at ../kernel/workqueue.c:1524 __queue_work+0x373/0x410\nkernel: <IRQ>\nkernel: queue_work_on+0x3a/0x50\nkernel: fnic_wq_copy_cmpl_handler+0x54a/0x730 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24]\nkernel: fnic_isr_msix_wq_copy+0x2d/0x60 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24]\nkernel: __handle_irq_event_percpu+0x36/0x1a0\nkernel: handle_irq_event_percpu+0x30/0x70\nkernel: handle_irq_event+0x34/0x60\nkernel: handle_edge_irq+0x7e/0x1a0\nkernel: __common_interrupt+0x3b/0xb0\nkernel: common_interrupt+0x58/0xa0\nkernel: </IRQ>\n\nIt has been observed that this may break the rediscovery of Fibre\nChannel devices after a temporary fabric failure.\n\nThis patch fixes it by moving the work queue initialization out of\nan if block in fnic_probe().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50025", url: "https://www.suse.com/security/cve/CVE-2024-50025", }, { category: "external", summary: "SUSE Bug 1231953 for CVE-2024-50025", url: "https://bugzilla.suse.com/1231953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50025", }, { cve: "CVE-2024-50026", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50026", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: wd33c93: Don't use stale scsi_pointer value\n\nA regression was introduced with commit dbb2da557a6a (\"scsi: wd33c93:\nMove the SCSI pointer to private command data\") which results in an oops\nin wd33c93_intr(). That commit added the scsi_pointer variable and\ninitialized it from hostdata->connected. However, during selection,\nhostdata->connected is not yet valid. Fix this by getting the current\nscsi_pointer from hostdata->selecting.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50026", url: "https://www.suse.com/security/cve/CVE-2024-50026", }, { category: "external", summary: "SUSE Bug 1231952 for CVE-2024-50026", url: "https://bugzilla.suse.com/1231952", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50026", }, { cve: "CVE-2024-50027", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50027", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Free tzp copy along with the thermal zone\n\nThe object pointed to by tz->tzp may still be accessed after being\nfreed in thermal_zone_device_unregister(), so move the freeing of it\nto the point after the removal completion has been completed at which\nit cannot be accessed any more.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50027", url: "https://www.suse.com/security/cve/CVE-2024-50027", }, { category: "external", summary: "SUSE Bug 1231951 for CVE-2024-50027", url: "https://bugzilla.suse.com/1231951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50027", }, { cve: "CVE-2024-50028", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50028", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Reference count the zone in thermal_zone_get_by_id()\n\nThere are places in the thermal netlink code where nothing prevents\nthe thermal zone object from going away while being accessed after it\nhas been returned by thermal_zone_get_by_id().\n\nTo address this, make thermal_zone_get_by_id() get a reference on the\nthermal zone device object to be returned with the help of get_device(),\nunder thermal_list_lock, and adjust all of its callers to this change\nwith the help of the cleanup.h infrastructure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50028", url: "https://www.suse.com/security/cve/CVE-2024-50028", }, { category: "external", summary: "SUSE Bug 1231950 for CVE-2024-50028", url: "https://bugzilla.suse.com/1231950", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50028", }, { cve: "CVE-2024-50029", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50029", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync\n\nThis checks if the ACL connection remains valid as it could be destroyed\nwhile hci_enhanced_setup_sync is pending on cmd_sync leading to the\nfollowing trace:\n\nBUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60\nRead of size 1 at addr ffff888002328ffd by task kworker/u5:2/37\n\nCPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n <TASK>\n dump_stack_lvl+0x5d/0x80\n ? hci_enhanced_setup_sync+0x91b/0xa60\n print_report+0x152/0x4c0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n ? __virt_addr_valid+0x1fa/0x420\n ? hci_enhanced_setup_sync+0x91b/0xa60\n kasan_report+0xda/0x1b0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n hci_enhanced_setup_sync+0x91b/0xa60\n ? __pfx_hci_enhanced_setup_sync+0x10/0x10\n ? __pfx___mutex_lock+0x10/0x10\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x167/0x240\n worker_thread+0x5b7/0xf60\n ? __kthread_parkme+0xac/0x1c0\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x293/0x360\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n </TASK>\n\nAllocated by task 34:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __hci_conn_add+0x187/0x17d0\n hci_connect_sco+0x2e1/0xb90\n sco_sock_connect+0x2a2/0xb80\n __sys_connect+0x227/0x2a0\n __x64_sys_connect+0x6d/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 37:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x101/0x160\n kfree+0xd0/0x250\n device_release+0x9a/0x210\n kobject_put+0x151/0x280\n hci_conn_del+0x448/0xbf0\n hci_abort_conn_sync+0x46f/0x980\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n worker_thread+0x5b7/0xf60\n kthread+0x293/0x360\n ret_from_fork+0x2f/0x70\n ret_from_fork_asm+0x1a/0x30", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50029", url: "https://www.suse.com/security/cve/CVE-2024-50029", }, { category: "external", summary: "SUSE Bug 1231949 for CVE-2024-50029", url: "https://bugzilla.suse.com/1231949", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50029", }, { cve: "CVE-2024-50030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50030", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/ct: prevent UAF in send_recv()\n\nEnsure we serialize with completion side to prevent UAF with fence going\nout of scope on the stack, since we have no clue if it will fire after\nthe timeout before we can erase from the xa. Also we have some dependent\nloads and stores for which we need the correct ordering, and we lack the\nneeded barriers. Fix this by grabbing the ct->lock after the wait, which\nis also held by the completion side.\n\nv2 (Badal):\n - Also print done after acquiring the lock and seeing timeout.\n\n(cherry picked from commit 52789ce35c55ccd30c4b67b9cc5b2af55e0122ea)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50030", url: "https://www.suse.com/security/cve/CVE-2024-50030", }, { category: "external", summary: "SUSE Bug 1231948 for CVE-2024-50030", url: "https://bugzilla.suse.com/1231948", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50030", }, { cve: "CVE-2024-50031", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50031", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop the active perfmon before being destroyed\n\nWhen running `kmscube` with one or more performance monitors enabled\nvia `GALLIUM_HUD`, the following kernel panic can occur:\n\n[ 55.008324] Unable to handle kernel paging request at virtual address 00000000052004a4\n[ 55.008368] Mem abort info:\n[ 55.008377] ESR = 0x0000000096000005\n[ 55.008387] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 55.008402] SET = 0, FnV = 0\n[ 55.008412] EA = 0, S1PTW = 0\n[ 55.008421] FSC = 0x05: level 1 translation fault\n[ 55.008434] Data abort info:\n[ 55.008442] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[ 55.008455] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 55.008467] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 55.008481] user pgtable: 4k pages, 39-bit VAs, pgdp=00000001046c6000\n[ 55.008497] [00000000052004a4] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 55.008525] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n[ 55.008542] Modules linked in: rfcomm [...] vc4 v3d snd_soc_hdmi_codec drm_display_helper\ngpu_sched drm_shmem_helper cec drm_dma_helper drm_kms_helper i2c_brcmstb\ndrm drm_panel_orientation_quirks snd_soc_core snd_compress snd_pcm_dmaengine snd_pcm snd_timer snd backlight\n[ 55.008799] CPU: 2 PID: 166 Comm: v3d_bin Tainted: G C 6.6.47+rpt-rpi-v8 #1 Debian 1:6.6.47-1+rpt1\n[ 55.008824] Hardware name: Raspberry Pi 4 Model B Rev 1.5 (DT)\n[ 55.008838] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 55.008855] pc : __mutex_lock.constprop.0+0x90/0x608\n[ 55.008879] lr : __mutex_lock.constprop.0+0x58/0x608\n[ 55.008895] sp : ffffffc080673cf0\n[ 55.008904] x29: ffffffc080673cf0 x28: 0000000000000000 x27: ffffff8106188a28\n[ 55.008926] x26: ffffff8101e78040 x25: ffffff8101baa6c0 x24: ffffffd9d989f148\n[ 55.008947] x23: ffffffda1c2a4008 x22: 0000000000000002 x21: ffffffc080673d38\n[ 55.008968] x20: ffffff8101238000 x19: ffffff8104f83188 x18: 0000000000000000\n[ 55.008988] x17: 0000000000000000 x16: ffffffda1bd04d18 x15: 00000055bb08bc90\n[ 55.009715] x14: 0000000000000000 x13: 0000000000000000 x12: ffffffda1bd4cbb0\n[ 55.010433] x11: 00000000fa83b2da x10: 0000000000001a40 x9 : ffffffda1bd04d04\n[ 55.011162] x8 : ffffff8102097b80 x7 : 0000000000000000 x6 : 00000000030a5857\n[ 55.011880] x5 : 00ffffffffffffff x4 : 0300000005200470 x3 : 0300000005200470\n[ 55.012598] x2 : ffffff8101238000 x1 : 0000000000000021 x0 : 0300000005200470\n[ 55.013292] Call trace:\n[ 55.013959] __mutex_lock.constprop.0+0x90/0x608\n[ 55.014646] __mutex_lock_slowpath+0x1c/0x30\n[ 55.015317] mutex_lock+0x50/0x68\n[ 55.015961] v3d_perfmon_stop+0x40/0xe0 [v3d]\n[ 55.016627] v3d_bin_job_run+0x10c/0x2d8 [v3d]\n[ 55.017282] drm_sched_main+0x178/0x3f8 [gpu_sched]\n[ 55.017921] kthread+0x11c/0x128\n[ 55.018554] ret_from_fork+0x10/0x20\n[ 55.019168] Code: f9400260 f1001c1f 54001ea9 927df000 (b9403401)\n[ 55.019776] ---[ end trace 0000000000000000 ]---\n[ 55.020411] note: v3d_bin[166] exited with preempt_count 1\n\nThis issue arises because, upon closing the file descriptor (which happens\nwhen we interrupt `kmscube`), the active performance monitor is not\nstopped. Although all perfmons are destroyed in `v3d_perfmon_close_file()`,\nthe active performance monitor's pointer (`v3d->active_perfmon`) is still\nretained.\n\nIf `kmscube` is run again, the driver will attempt to stop the active\nperformance monitor using the stale pointer in `v3d->active_perfmon`.\nHowever, this pointer is no longer valid because the previous process has\nalready terminated, and all performance monitors associated with it have\nbeen destroyed and freed.\n\nTo fix this, when the active performance monitor belongs to a given\nprocess, explicitly stop it before destroying and freeing it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50031", url: "https://www.suse.com/security/cve/CVE-2024-50031", }, { category: "external", summary: "SUSE Bug 1231947 for CVE-2024-50031", url: "https://bugzilla.suse.com/1231947", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50031", }, { cve: "CVE-2024-50032", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50032", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu/nocb: Fix rcuog wake-up from offline softirq\n\nAfter a CPU has set itself offline and before it eventually calls\nrcutree_report_cpu_dead(), there are still opportunities for callbacks\nto be enqueued, for example from a softirq. When that happens on NOCB,\nthe rcuog wake-up is deferred through an IPI to an online CPU in order\nnot to call into the scheduler and risk arming the RT-bandwidth after\nhrtimers have been migrated out and disabled.\n\nBut performing a synchronized IPI from a softirq is buggy as reported in\nthe following scenario:\n\n WARNING: CPU: 1 PID: 26 at kernel/smp.c:633 smp_call_function_single\n Modules linked in: rcutorture torture\n CPU: 1 UID: 0 PID: 26 Comm: migration/1 Not tainted 6.11.0-rc1-00012-g9139f93209d1 #1\n Stopper: multi_cpu_stop+0x0/0x320 <- __stop_cpus+0xd0/0x120\n RIP: 0010:smp_call_function_single\n <IRQ>\n swake_up_one_online\n __call_rcu_nocb_wake\n __call_rcu_common\n ? rcu_torture_one_read\n call_timer_fn\n __run_timers\n run_timer_softirq\n handle_softirqs\n irq_exit_rcu\n ? tick_handle_periodic\n sysvec_apic_timer_interrupt\n </IRQ>\n\nFix this with forcing deferred rcuog wake up through the NOCB timer when\nthe CPU is offline. The actual wake up will happen from\nrcutree_report_cpu_dead().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50032", url: "https://www.suse.com/security/cve/CVE-2024-50032", }, { category: "external", summary: "SUSE Bug 1231915 for CVE-2024-50032", url: "https://bugzilla.suse.com/1231915", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50032", }, { cve: "CVE-2024-50033", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50033", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: make slhc_remember() more robust against malicious packets\n\nsyzbot found that slhc_remember() was missing checks against\nmalicious packets [1].\n\nslhc_remember() only checked the size of the packet was at least 20,\nwhich is not good enough.\n\nWe need to make sure the packet includes the IPv4 and TCP header\nthat are supposed to be carried.\n\nAdd iph and th pointers to make the code more readable.\n\n[1]\n\nBUG: KMSAN: uninit-value in slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\n slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\n ppp_receive_nonmp_frame+0xe45/0x35e0 drivers/net/ppp/ppp_generic.c:2455\n ppp_receive_frame drivers/net/ppp/ppp_generic.c:2372 [inline]\n ppp_do_recv+0x65f/0x40d0 drivers/net/ppp/ppp_generic.c:2212\n ppp_input+0x7dc/0xe60 drivers/net/ppp/ppp_generic.c:2327\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\n __release_sock+0x1da/0x330 net/core/sock.c:3072\n release_sock+0x6b/0x250 net/core/sock.c:3626\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4091 [inline]\n slab_alloc_node mm/slub.c:4134 [inline]\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1322 [inline]\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 5460 Comm: syz.2.33 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50033", url: "https://www.suse.com/security/cve/CVE-2024-50033", }, { category: "external", summary: "SUSE Bug 1231914 for CVE-2024-50033", url: "https://bugzilla.suse.com/1231914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50033", }, { cve: "CVE-2024-50034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50034", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC\n\nEric report a panic on IPPROTO_SMC, and give the facts\nthat when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too.\n\nBug: Unable to handle kernel NULL pointer dereference at virtual address\n0000000000000000\nMem abort info:\nESR = 0x0000000086000005\nEC = 0x21: IABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x05: level 1 translation fault\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000001195d1000\n[0000000000000000] pgd=0800000109c46003, p4d=0800000109c46003,\npud=0000000000000000\nInternal error: Oops: 0000000086000005 [#1] PREEMPT SMP\nModules linked in:\nCPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 Not tainted\n6.11.0-rc7-syzkaller-g5f5673607153 #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 08/06/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : 0x0\nlr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910\nsp : ffff80009b887a90\nx29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000\nx26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00\nx23: 0000000000000000 x22: ffff0000d8b78518 x21: 0000000000000000\nx20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee\nx17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001\nx14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003\nx11: 0000000000040000 x10: 00000000000020a3 x9 : 1fffe0001b16f0f1\nx8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 0000000000000040 x4 : 0000000000000001 x3 : 0000000000000000\nx2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000\nCall trace:\n0x0\nnetlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000\nsmack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593\nsmack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973\nsecurity_socket_post_create+0x94/0xd4 security/security.c:4425\n__sock_create+0x4c8/0x884 net/socket.c:1587\nsock_create net/socket.c:1622 [inline]\n__sys_socket_create net/socket.c:1659 [inline]\n__sys_socket+0x134/0x340 net/socket.c:1706\n__do_sys_socket net/socket.c:1720 [inline]\n__se_sys_socket net/socket.c:1718 [inline]\n__arm64_sys_socket+0x7c/0x94 net/socket.c:1718\n__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\ninvoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\nel0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\ndo_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\nel0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712\nel0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\nCode: ???????? ???????? ???????? ???????? (????????)\n---[ end trace 0000000000000000 ]---\n\nThis patch add a toy implementation that performs a simple return to\nprevent such panic. This is because MSS can be set in sock_create_kern\nor smc_setsockopt, similar to how it's done in AF_SMC. However, for\nAF_SMC, there is currently no way to synchronize MSS within\n__sys_connect_file. This toy implementation lays the groundwork for us\nto support such feature for IPPROTO_SMC in the future.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50034", url: "https://www.suse.com/security/cve/CVE-2024-50034", }, { category: "external", summary: "SUSE Bug 1231913 for CVE-2024-50034", url: "https://bugzilla.suse.com/1231913", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50034", }, { cve: "CVE-2024-50035", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50035", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: fix ppp_async_encode() illegal access\n\nsyzbot reported an issue in ppp_async_encode() [1]\n\nIn this case, pppoe_sendmsg() is called with a zero size.\nThen ppp_async_encode() is called with an empty skb.\n\nBUG: KMSAN: uninit-value in ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\n BUG: KMSAN: uninit-value in ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\n ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\n ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\n ppp_async_send+0x130/0x1b0 drivers/net/ppp/ppp_async.c:634\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2280 [inline]\n ppp_input+0x1f1/0xe60 drivers/net/ppp/ppp_generic.c:2304\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\n __release_sock+0x1da/0x330 net/core/sock.c:3072\n release_sock+0x6b/0x250 net/core/sock.c:3626\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4092 [inline]\n slab_alloc_node mm/slub.c:4135 [inline]\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1322 [inline]\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5411 Comm: syz.1.14 Not tainted 6.12.0-rc1-syzkaller-00165-g360c1f1f24c6 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50035", url: "https://www.suse.com/security/cve/CVE-2024-50035", }, { category: "external", summary: "SUSE Bug 1232392 for CVE-2024-50035", url: "https://bugzilla.suse.com/1232392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50035", }, { cve: "CVE-2024-50036", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50036", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50036", url: "https://www.suse.com/security/cve/CVE-2024-50036", }, { category: "external", summary: "SUSE Bug 1231912 for CVE-2024-50036", url: "https://bugzilla.suse.com/1231912", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50036", }, { cve: "CVE-2024-50037", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50037", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/fbdev-dma: Only cleanup deferred I/O if necessary\n\nCommit 5a498d4d06d6 (\"drm/fbdev-dma: Only install deferred I/O if\nnecessary\") initializes deferred I/O only if it is used.\ndrm_fbdev_dma_fb_destroy() however calls fb_deferred_io_cleanup()\nunconditionally with struct fb_info.fbdefio == NULL. KASAN with the\nout-of-tree Apple silicon display driver posts following warning from\n__flush_work() of a random struct work_struct instead of the expected\nNULL pointer derefs.\n\n[ 22.053799] ------------[ cut here ]------------\n[ 22.054832] WARNING: CPU: 2 PID: 1 at kernel/workqueue.c:4177 __flush_work+0x4d8/0x580\n[ 22.056597] Modules linked in: uhid bnep uinput nls_ascii ip6_tables ip_tables i2c_dev loop fuse dm_multipath nfnetlink zram hid_magicmouse btrfs xor xor_neon brcmfmac_wcc raid6_pq hci_bcm4377 bluetooth brcmfmac hid_apple brcmutil nvmem_spmi_mfd simple_mfd_spmi dockchannel_hid cfg80211 joydev regmap_spmi nvme_apple ecdh_generic ecc macsmc_hid rfkill dwc3 appledrm snd_soc_macaudio macsmc_power nvme_core apple_isp phy_apple_atc apple_sart apple_rtkit_helper apple_dockchannel tps6598x macsmc_hwmon snd_soc_cs42l84 videobuf2_v4l2 spmi_apple_controller nvmem_apple_efuses videobuf2_dma_sg apple_z2 videobuf2_memops spi_nor panel_summit videobuf2_common asahi videodev pwm_apple apple_dcp snd_soc_apple_mca apple_admac spi_apple clk_apple_nco i2c_pasemi_platform snd_pcm_dmaengine mc i2c_pasemi_core mux_core ofpart adpdrm drm_dma_helper apple_dart apple_soc_cpufreq leds_pwm phram\n[ 22.073768] CPU: 2 UID: 0 PID: 1 Comm: systemd-shutdow Not tainted 6.11.2-asahi+ #asahi-dev\n[ 22.075612] Hardware name: Apple MacBook Pro (13-inch, M2, 2022) (DT)\n[ 22.077032] pstate: 01400005 (nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[ 22.078567] pc : __flush_work+0x4d8/0x580\n[ 22.079471] lr : __flush_work+0x54/0x580\n[ 22.080345] sp : ffffc000836ef820\n[ 22.081089] x29: ffffc000836ef880 x28: 0000000000000000 x27: ffff80002ddb7128\n[ 22.082678] x26: dfffc00000000000 x25: 1ffff000096f0c57 x24: ffffc00082d3e358\n[ 22.084263] x23: ffff80004b7862b8 x22: dfffc00000000000 x21: ffff80005aa1d470\n[ 22.085855] x20: ffff80004b786000 x19: ffff80004b7862a0 x18: 0000000000000000\n[ 22.087439] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000005\n[ 22.089030] x14: 1ffff800106ddf0a x13: 0000000000000000 x12: 0000000000000000\n[ 22.090618] x11: ffffb800106ddf0f x10: dfffc00000000000 x9 : 1ffff800106ddf0e\n[ 22.092206] x8 : 0000000000000000 x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000001\n[ 22.093790] x5 : ffffc000836ef728 x4 : 0000000000000000 x3 : 0000000000000020\n[ 22.095368] x2 : 0000000000000008 x1 : 00000000000000aa x0 : 0000000000000000\n[ 22.096955] Call trace:\n[ 22.097505] __flush_work+0x4d8/0x580\n[ 22.098330] flush_delayed_work+0x80/0xb8\n[ 22.099231] fb_deferred_io_cleanup+0x3c/0x130\n[ 22.100217] drm_fbdev_dma_fb_destroy+0x6c/0xe0 [drm_dma_helper]\n[ 22.101559] unregister_framebuffer+0x210/0x2f0\n[ 22.102575] drm_fb_helper_unregister_info+0x48/0x60\n[ 22.103683] drm_fbdev_dma_client_unregister+0x4c/0x80 [drm_dma_helper]\n[ 22.105147] drm_client_dev_unregister+0x1cc/0x230\n[ 22.106217] drm_dev_unregister+0x58/0x570\n[ 22.107125] apple_drm_unbind+0x50/0x98 [appledrm]\n[ 22.108199] component_del+0x1f8/0x3a8\n[ 22.109042] dcp_platform_shutdown+0x24/0x38 [apple_dcp]\n[ 22.110357] platform_shutdown+0x70/0x90\n[ 22.111219] device_shutdown+0x368/0x4d8\n[ 22.112095] kernel_restart+0x6c/0x1d0\n[ 22.112946] __arm64_sys_reboot+0x1c8/0x328\n[ 22.113868] invoke_syscall+0x78/0x1a8\n[ 22.114703] do_el0_svc+0x124/0x1a0\n[ 22.115498] el0_svc+0x3c/0xe0\n[ 22.116181] el0t_64_sync_handler+0x70/0xc0\n[ 22.117110] el0t_64_sync+0x190/0x198\n[ 22.117931] ---[ end trace 0000000000000000 ]---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50037", url: "https://www.suse.com/security/cve/CVE-2024-50037", }, { category: "external", summary: "SUSE Bug 1231911 for CVE-2024-50037", url: "https://bugzilla.suse.com/1231911", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50037", }, { cve: "CVE-2024-50038", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50038", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50038", url: "https://www.suse.com/security/cve/CVE-2024-50038", }, { category: "external", summary: "SUSE Bug 1231910 for CVE-2024-50038", url: "https://bugzilla.suse.com/1231910", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50038", }, { cve: "CVE-2024-50039", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50039", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: accept TCA_STAB only for root qdisc\n\nMost qdiscs maintain their backlog using qdisc_pkt_len(skb)\non the assumption it is invariant between the enqueue()\nand dequeue() handlers.\n\nUnfortunately syzbot can crash a host rather easily using\na TBF + SFQ combination, with an STAB on SFQ [1]\n\nWe can't support TCA_STAB on arbitrary level, this would\nrequire to maintain per-qdisc storage.\n\n[1]\n[ 88.796496] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 88.798611] #PF: supervisor read access in kernel mode\n[ 88.799014] #PF: error_code(0x0000) - not-present page\n[ 88.799506] PGD 0 P4D 0\n[ 88.799829] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 88.800569] CPU: 14 UID: 0 PID: 2053 Comm: b371744477 Not tainted 6.12.0-rc1-virtme #1117\n[ 88.801107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 88.801779] RIP: 0010:sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq\n[ 88.802544] Code: 0f b7 50 12 48 8d 04 d5 00 00 00 00 48 89 d6 48 29 d0 48 8b 91 c0 01 00 00 48 c1 e0 03 48 01 c2 66 83 7a 1a 00 7e c0 48 8b 3a <4c> 8b 07 4c 89 02 49 89 50 08 48 c7 47 08 00 00 00 00 48 c7 07 00\nAll code\n========\n 0:\t0f b7 50 12 \tmovzwl 0x12(%rax),%edx\n 4:\t48 8d 04 d5 00 00 00 \tlea 0x0(,%rdx,8),%rax\n b:\t00\n c:\t48 89 d6 \tmov %rdx,%rsi\n f:\t48 29 d0 \tsub %rdx,%rax\n 12:\t48 8b 91 c0 01 00 00 \tmov 0x1c0(%rcx),%rdx\n 19:\t48 c1 e0 03 \tshl $0x3,%rax\n 1d:\t48 01 c2 \tadd %rax,%rdx\n 20:\t66 83 7a 1a 00 \tcmpw $0x0,0x1a(%rdx)\n 25:\t7e c0 \tjle 0xffffffffffffffe7\n 27:\t48 8b 3a \tmov (%rdx),%rdi\n 2a:*\t4c 8b 07 \tmov (%rdi),%r8\t\t<-- trapping instruction\n 2d:\t4c 89 02 \tmov %r8,(%rdx)\n 30:\t49 89 50 08 \tmov %rdx,0x8(%r8)\n 34:\t48 c7 47 08 00 00 00 \tmovq $0x0,0x8(%rdi)\n 3b:\t00\n 3c:\t48 \trex.W\n 3d:\tc7 \t.byte 0xc7\n 3e:\t07 \t(bad)\n\t...\n\nCode starting with the faulting instruction\n===========================================\n 0:\t4c 8b 07 \tmov (%rdi),%r8\n 3:\t4c 89 02 \tmov %r8,(%rdx)\n 6:\t49 89 50 08 \tmov %rdx,0x8(%r8)\n a:\t48 c7 47 08 00 00 00 \tmovq $0x0,0x8(%rdi)\n 11:\t00\n 12:\t48 \trex.W\n 13:\tc7 \t.byte 0xc7\n 14:\t07 \t(bad)\n\t...\n[ 88.803721] RSP: 0018:ffff9a1f892b7d58 EFLAGS: 00000206\n[ 88.804032] RAX: 0000000000000000 RBX: ffff9a1f8420c800 RCX: ffff9a1f8420c800\n[ 88.804560] RDX: ffff9a1f81bc1440 RSI: 0000000000000000 RDI: 0000000000000000\n[ 88.805056] RBP: ffffffffc04bb0e0 R08: 0000000000000001 R09: 00000000ff7f9a1f\n[ 88.805473] R10: 000000000001001b R11: 0000000000009a1f R12: 0000000000000140\n[ 88.806194] R13: 0000000000000001 R14: ffff9a1f886df400 R15: ffff9a1f886df4ac\n[ 88.806734] FS: 00007f445601a740(0000) GS:ffff9a2e7fd80000(0000) knlGS:0000000000000000\n[ 88.807225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 88.807672] CR2: 0000000000000000 CR3: 000000050cc46000 CR4: 00000000000006f0\n[ 88.808165] Call Trace:\n[ 88.808459] <TASK>\n[ 88.808710] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n[ 88.809261] ? page_fault_oops (arch/x86/mm/fault.c:715)\n[ 88.809561] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:147 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539)\n[ 88.809806] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n[ 88.810074] ? sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq\n[ 88.810411] sfq_reset (net/sched/sch_sfq.c:525) sch_sfq\n[ 88.810671] qdisc_reset (./include/linux/skbuff.h:2135 ./include/linux/skbuff.h:2441 ./include/linux/skbuff.h:3304 ./include/linux/skbuff.h:3310 net/sched/sch_g\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50039", url: "https://www.suse.com/security/cve/CVE-2024-50039", }, { category: "external", summary: "SUSE Bug 1231909 for CVE-2024-50039", url: "https://bugzilla.suse.com/1231909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50039", }, { cve: "CVE-2024-50040", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50040", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Do not bring the device up after non-fatal error\n\nCommit 004d25060c78 (\"igb: Fix igb_down hung on surprise removal\")\nchanged igb_io_error_detected() to ignore non-fatal pcie errors in order\nto avoid hung task that can happen when igb_down() is called multiple\ntimes. This caused an issue when processing transient non-fatal errors.\nigb_io_resume(), which is called after igb_io_error_detected(), assumes\nthat device is brought down by igb_io_error_detected() if the interface\nis up. This resulted in panic with stacktrace below.\n\n[ T3256] igb 0000:09:00.0 haeth0: igb: haeth0 NIC Link is Down\n[ T292] pcieport 0000:00:1c.5: AER: Uncorrected (Non-Fatal) error received: 0000:09:00.0\n[ T292] igb 0000:09:00.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal), type=Transaction Layer, (Requester ID)\n[ T292] igb 0000:09:00.0: device [8086:1537] error status/mask=00004000/00000000\n[ T292] igb 0000:09:00.0: [14] CmpltTO [ 200.105524,009][ T292] igb 0000:09:00.0: AER: TLP Header: 00000000 00000000 00000000 00000000\n[ T292] pcieport 0000:00:1c.5: AER: broadcast error_detected message\n[ T292] igb 0000:09:00.0: Non-correctable non-fatal error reported.\n[ T292] pcieport 0000:00:1c.5: AER: broadcast mmio_enabled message\n[ T292] pcieport 0000:00:1c.5: AER: broadcast resume message\n[ T292] ------------[ cut here ]------------\n[ T292] kernel BUG at net/core/dev.c:6539!\n[ T292] invalid opcode: 0000 [#1] PREEMPT SMP\n[ T292] RIP: 0010:napi_enable+0x37/0x40\n[ T292] Call Trace:\n[ T292] <TASK>\n[ T292] ? die+0x33/0x90\n[ T292] ? do_trap+0xdc/0x110\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? do_error_trap+0x70/0xb0\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? exc_invalid_op+0x4e/0x70\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? asm_exc_invalid_op+0x16/0x20\n[ T292] ? napi_enable+0x37/0x40\n[ T292] igb_up+0x41/0x150\n[ T292] igb_io_resume+0x25/0x70\n[ T292] report_resume+0x54/0x70\n[ T292] ? report_frozen_detected+0x20/0x20\n[ T292] pci_walk_bus+0x6c/0x90\n[ T292] ? aer_print_port_info+0xa0/0xa0\n[ T292] pcie_do_recovery+0x22f/0x380\n[ T292] aer_process_err_devices+0x110/0x160\n[ T292] aer_isr+0x1c1/0x1e0\n[ T292] ? disable_irq_nosync+0x10/0x10\n[ T292] irq_thread_fn+0x1a/0x60\n[ T292] irq_thread+0xe3/0x1a0\n[ T292] ? irq_set_affinity_notifier+0x120/0x120\n[ T292] ? irq_affinity_notify+0x100/0x100\n[ T292] kthread+0xe2/0x110\n[ T292] ? kthread_complete_and_exit+0x20/0x20\n[ T292] ret_from_fork+0x2d/0x50\n[ T292] ? kthread_complete_and_exit+0x20/0x20\n[ T292] ret_from_fork_asm+0x11/0x20\n[ T292] </TASK>\n\nTo fix this issue igb_io_resume() checks if the interface is running and\nthe device is not down this means igb_io_error_detected() did not bring\nthe device down and there is no need to bring it up.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50040", url: "https://www.suse.com/security/cve/CVE-2024-50040", }, { category: "external", summary: "SUSE Bug 1231908 for CVE-2024-50040", url: "https://bugzilla.suse.com/1231908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50040", }, { cve: "CVE-2024-50041", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50041", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix macvlan leak by synchronizing access to mac_filter_hash\n\nThis patch addresses a macvlan leak issue in the i40e driver caused by\nconcurrent access to vsi->mac_filter_hash. The leak occurs when multiple\nthreads attempt to modify the mac_filter_hash simultaneously, leading to\ninconsistent state and potential memory leaks.\n\nTo fix this, we now wrap the calls to i40e_del_mac_filter() and zeroing\nvf->default_lan_addr.addr with spin_lock/unlock_bh(&vsi->mac_filter_hash_lock),\nensuring atomic operations and preventing concurrent access.\n\nAdditionally, we add lockdep_assert_held(&vsi->mac_filter_hash_lock) in\ni40e_add_mac_filter() to help catch similar issues in the future.\n\nReproduction steps:\n1. Spawn VFs and configure port vlan on them.\n2. Trigger concurrent macvlan operations (e.g., adding and deleting\n\tportvlan and/or mac filters).\n3. Observe the potential memory leak and inconsistent state in the\n\tmac_filter_hash.\n\nThis synchronization ensures the integrity of the mac_filter_hash and prevents\nthe described leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50041", url: "https://www.suse.com/security/cve/CVE-2024-50041", }, { category: "external", summary: "SUSE Bug 1231907 for CVE-2024-50041", url: "https://bugzilla.suse.com/1231907", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50041", }, { cve: "CVE-2024-50042", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50042", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix increasing MSI-X on VF\n\nIncreasing MSI-X value on a VF leads to invalid memory operations. This\nis caused by not reallocating some arrays.\n\nReproducer:\n modprobe ice\n echo 0 > /sys/bus/pci/devices/$PF_PCI/sriov_drivers_autoprobe\n echo 1 > /sys/bus/pci/devices/$PF_PCI/sriov_numvfs\n echo 17 > /sys/bus/pci/devices/$VF0_PCI/sriov_vf_msix_count\n\nDefault MSI-X is 16, so 17 and above triggers this issue.\n\nKASAN reports:\n\n BUG: KASAN: slab-out-of-bounds in ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n Read of size 8 at addr ffff8888b937d180 by task bash/28433\n (...)\n\n Call Trace:\n (...)\n ? ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n kasan_report+0xed/0x120\n ? ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n ice_vsi_cfg_def+0x3360/0x4770 [ice]\n ? mutex_unlock+0x83/0xd0\n ? __pfx_ice_vsi_cfg_def+0x10/0x10 [ice]\n ? __pfx_ice_remove_vsi_lkup_fltr+0x10/0x10 [ice]\n ice_vsi_cfg+0x7f/0x3b0 [ice]\n ice_vf_reconfig_vsi+0x114/0x210 [ice]\n ice_sriov_set_msix_vec_count+0x3d0/0x960 [ice]\n sriov_vf_msix_count_store+0x21c/0x300\n (...)\n\n Allocated by task 28201:\n (...)\n ice_vsi_cfg_def+0x1c8e/0x4770 [ice]\n ice_vsi_cfg+0x7f/0x3b0 [ice]\n ice_vsi_setup+0x179/0xa30 [ice]\n ice_sriov_configure+0xcaa/0x1520 [ice]\n sriov_numvfs_store+0x212/0x390\n (...)\n\nTo fix it, use ice_vsi_rebuild() instead of ice_vf_reconfig_vsi(). This\ncauses the required arrays to be reallocated taking the new queue count\ninto account (ice_vsi_realloc_stat_arrays()). Set req_txq and req_rxq\nbefore ice_vsi_rebuild(), so that realloc uses the newly set queue\ncount.\n\nAdditionally, ice_vsi_rebuild() does not remove VSI filters\n(ice_fltr_remove_all()), so ice_vf_init_host_cfg() is no longer\nnecessary.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50042", url: "https://www.suse.com/security/cve/CVE-2024-50042", }, { category: "external", summary: "SUSE Bug 1231906 for CVE-2024-50042", url: "https://bugzilla.suse.com/1231906", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50042", }, { cve: "CVE-2024-50043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50043", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix possible badness in FREE_STATEID\n\nWhen multiple FREE_STATEIDs are sent for the same delegation stateid,\nit can lead to a possible either use-after-free or counter refcount\nunderflow errors.\n\nIn nfsd4_free_stateid() under the client lock we find a delegation\nstateid, however the code drops the lock before calling nfs4_put_stid(),\nthat allows another FREE_STATE to find the stateid again. The first one\nwill proceed to then free the stateid which leads to either\nuse-after-free or decrementing already zeroed counter.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50043", url: "https://www.suse.com/security/cve/CVE-2024-50043", }, { category: "external", summary: "SUSE Bug 1231905 for CVE-2024-50043", url: "https://bugzilla.suse.com/1231905", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50043", }, { cve: "CVE-2024-50044", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50044", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change\n\nrfcomm_sk_state_change attempts to use sock_lock so it must never be\ncalled with it locked but rfcomm_sock_ioctl always attempt to lock it\ncausing the following trace:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted\n------------------------------------------------------\nsyz-executor386/5093 is trying to acquire lock:\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline]\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73\n\nbut task is already holding lock:\nffff88807badfd28 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50044", url: "https://www.suse.com/security/cve/CVE-2024-50044", }, { category: "external", summary: "SUSE Bug 1231904 for CVE-2024-50044", url: "https://bugzilla.suse.com/1231904", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50044", }, { cve: "CVE-2024-50045", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50045", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: fix panic with metadata_dst skb\n\nFix a kernel panic in the br_netfilter module when sending untagged\ntraffic via a VxLAN device.\nThis happens during the check for fragmentation in br_nf_dev_queue_xmit.\n\nIt is dependent on:\n1) the br_netfilter module being loaded;\n2) net.bridge.bridge-nf-call-iptables set to 1;\n3) a bridge with a VxLAN (single-vxlan-device) netdevice as a bridge port;\n4) untagged frames with size higher than the VxLAN MTU forwarded/flooded\n\nWhen forwarding the untagged packet to the VxLAN bridge port, before\nthe netfilter hooks are called, br_handle_egress_vlan_tunnel is called and\nchanges the skb_dst to the tunnel dst. The tunnel_dst is a metadata type\nof dst, i.e., skb_valid_dst(skb) is false, and metadata->dst.dev is NULL.\n\nThen in the br_netfilter hooks, in br_nf_dev_queue_xmit, there's a check\nfor frames that needs to be fragmented: frames with higher MTU than the\nVxLAN device end up calling br_nf_ip_fragment, which in turns call\nip_skb_dst_mtu.\n\nThe ip_dst_mtu tries to use the skb_dst(skb) as if it was a valid dst\nwith valid dst->dev, thus the crash.\n\nThis case was never supported in the first place, so drop the packet\ninstead.\n\nPING 10.0.0.2 (10.0.0.2) from 0.0.0.0 h1-eth0: 2000(2028) bytes of data.\n[ 176.291791] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000110\n[ 176.292101] Mem abort info:\n[ 176.292184] ESR = 0x0000000096000004\n[ 176.292322] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 176.292530] SET = 0, FnV = 0\n[ 176.292709] EA = 0, S1PTW = 0\n[ 176.292862] FSC = 0x04: level 0 translation fault\n[ 176.293013] Data abort info:\n[ 176.293104] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 176.293488] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 176.293787] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 176.293995] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000043ef5000\n[ 176.294166] [0000000000000110] pgd=0000000000000000,\np4d=0000000000000000\n[ 176.294827] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 176.295252] Modules linked in: vxlan ip6_udp_tunnel udp_tunnel veth\nbr_netfilter bridge stp llc ipv6 crct10dif_ce\n[ 176.295923] CPU: 0 PID: 188 Comm: ping Not tainted\n6.8.0-rc3-g5b3fbd61b9d1 #2\n[ 176.296314] Hardware name: linux,dummy-virt (DT)\n[ 176.296535] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS\nBTYPE=--)\n[ 176.296808] pc : br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter]\n[ 176.297382] lr : br_nf_dev_queue_xmit+0x2ac/0x4ec [br_netfilter]\n[ 176.297636] sp : ffff800080003630\n[ 176.297743] x29: ffff800080003630 x28: 0000000000000008 x27:\nffff6828c49ad9f8\n[ 176.298093] x26: ffff6828c49ad000 x25: 0000000000000000 x24:\n00000000000003e8\n[ 176.298430] x23: 0000000000000000 x22: ffff6828c4960b40 x21:\nffff6828c3b16d28\n[ 176.298652] x20: ffff6828c3167048 x19: ffff6828c3b16d00 x18:\n0000000000000014\n[ 176.298926] x17: ffffb0476322f000 x16: ffffb7e164023730 x15:\n0000000095744632\n[ 176.299296] x14: ffff6828c3f1c880 x13: 0000000000000002 x12:\nffffb7e137926a70\n[ 176.299574] x11: 0000000000000001 x10: ffff6828c3f1c898 x9 :\n0000000000000000\n[ 176.300049] x8 : ffff6828c49bf070 x7 : 0008460f18d5f20e x6 :\nf20e0100bebafeca\n[ 176.300302] x5 : ffff6828c7f918fe x4 : ffff6828c49bf070 x3 :\n0000000000000000\n[ 176.300586] x2 : 0000000000000000 x1 : ffff6828c3c7ad00 x0 :\nffff6828c7f918f0\n[ 176.300889] Call trace:\n[ 176.301123] br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter]\n[ 176.301411] br_nf_post_routing+0x2a8/0x3e4 [br_netfilter]\n[ 176.301703] nf_hook_slow+0x48/0x124\n[ 176.302060] br_forward_finish+0xc8/0xe8 [bridge]\n[ 176.302371] br_nf_hook_thresh+0x124/0x134 [br_netfilter]\n[ 176.302605] br_nf_forward_finish+0x118/0x22c [br_netfilter]\n[ 176.302824] br_nf_forward_ip.part.0+0x264/0x290 [br_netfilter]\n[ 176.303136] br_nf_forward+0x2b8/0x4e0 [br_netfilter]\n[ 176.303359] nf_hook_slow+0x48/0x124\n[ 176.303\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50045", url: "https://www.suse.com/security/cve/CVE-2024-50045", }, { category: "external", summary: "SUSE Bug 1231903 for CVE-2024-50045", url: "https://bugzilla.suse.com/1231903", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50045", }, { cve: "CVE-2024-50046", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50046", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()\n\nOn the node of an NFS client, some files saved in the mountpoint of the\nNFS server were copied to another location of the same NFS server.\nAccidentally, the nfs42_complete_copies() got a NULL-pointer dereference\ncrash with the following syslog:\n\n[232064.838881] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116\n[232064.839360] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116\n[232066.588183] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058\n[232066.588586] Mem abort info:\n[232066.588701] ESR = 0x0000000096000007\n[232066.588862] EC = 0x25: DABT (current EL), IL = 32 bits\n[232066.589084] SET = 0, FnV = 0\n[232066.589216] EA = 0, S1PTW = 0\n[232066.589340] FSC = 0x07: level 3 translation fault\n[232066.589559] Data abort info:\n[232066.589683] ISV = 0, ISS = 0x00000007\n[232066.589842] CM = 0, WnR = 0\n[232066.589967] user pgtable: 64k pages, 48-bit VAs, pgdp=00002000956ff400\n[232066.590231] [0000000000000058] pgd=08001100ae100003, p4d=08001100ae100003, pud=08001100ae100003, pmd=08001100b3c00003, pte=0000000000000000\n[232066.590757] Internal error: Oops: 96000007 [#1] SMP\n[232066.590958] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm vhost_net vhost vhost_iotlb tap tun ipt_rpfilter xt_multiport ip_set_hash_ip ip_set_hash_net xfrm_interface xfrm6_tunnel tunnel4 tunnel6 esp4 ah4 wireguard libcurve25519_generic veth xt_addrtype xt_set nf_conntrack_netlink ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_bitmap_port ip_set_hash_ipport dummy ip_set ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs iptable_filter sch_ingress nfnetlink_cttimeout vport_gre ip_gre ip_tunnel gre vport_geneve geneve vport_vxlan vxlan ip6_udp_tunnel udp_tunnel openvswitch nf_conncount dm_round_robin dm_service_time dm_multipath xt_nat xt_MASQUERADE nft_chain_nat nf_nat xt_mark xt_conntrack xt_comment nft_compat nft_counter nf_tables nfnetlink ocfs2 ocfs2_nodemanager ocfs2_stackglue iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_ssif nbd overlay 8021q garp mrp bonding tls rfkill sunrpc ext4 mbcache jbd2\n[232066.591052] vfat fat cas_cache cas_disk ses enclosure scsi_transport_sas sg acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler ip_tables vfio_pci vfio_pci_core vfio_virqfd vfio_iommu_type1 vfio dm_mirror dm_region_hash dm_log dm_mod nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc fuse xfs libcrc32c ast drm_vram_helper qla2xxx drm_kms_helper syscopyarea crct10dif_ce sysfillrect ghash_ce sysimgblt sha2_ce fb_sys_fops cec sha256_arm64 sha1_ce drm_ttm_helper ttm nvme_fc igb sbsa_gwdt nvme_fabrics drm nvme_core i2c_algo_bit i40e scsi_transport_fc megaraid_sas aes_neon_bs\n[232066.596953] CPU: 6 PID: 4124696 Comm: 10.253.166.125- Kdump: loaded Not tainted 5.15.131-9.cl9_ocfs2.aarch64 #1\n[232066.597356] Hardware name: Great Wall .\\x93\\x8e...RF6260 V5/GWMSSE2GL1T, BIOS T656FBE_V3.0.18 2024-01-06\n[232066.597721] pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[232066.598034] pc : nfs4_reclaim_open_state+0x220/0x800 [nfsv4]\n[232066.598327] lr : nfs4_reclaim_open_state+0x12c/0x800 [nfsv4]\n[232066.598595] sp : ffff8000f568fc70\n[232066.598731] x29: ffff8000f568fc70 x28: 0000000000001000 x27: ffff21003db33000\n[232066.599030] x26: ffff800005521ae0 x25: ffff0100f98fa3f0 x24: 0000000000000001\n[232066.599319] x23: ffff800009920008 x22: ffff21003db33040 x21: ffff21003db33050\n[232066.599628] x20: ffff410172fe9e40 x19: ffff410172fe9e00 x18: 0000000000000000\n[232066.599914] x17: 0000000000000000 x16: 0000000000000004 x15: 0000000000000000\n[232066.600195] x14: 0000000000000000 x13: ffff800008e685a8 x12: 00000000eac0c6e6\n[232066.600498] x11: 00000000000000\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50046", url: "https://www.suse.com/security/cve/CVE-2024-50046", }, { category: "external", summary: "SUSE Bug 1231902 for CVE-2024-50046", url: "https://bugzilla.suse.com/1231902", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50046", }, { cve: "CVE-2024-50047", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50047", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in async decryption\n\nDoing an async decryption (large read) crashes with a\nslab-use-after-free way down in the crypto API.\n\nReproducer:\n # mount.cifs -o ...,seal,esize=1 //srv/share /mnt\n # dd if=/mnt/largefile of=/dev/null\n ...\n [ 194.196391] ==================================================================\n [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110\n [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899\n [ 194.197707]\n [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43\n [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014\n [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs]\n [ 194.200032] Call Trace:\n [ 194.200191] <TASK>\n [ 194.200327] dump_stack_lvl+0x4e/0x70\n [ 194.200558] ? gf128mul_4k_lle+0xc1/0x110\n [ 194.200809] print_report+0x174/0x505\n [ 194.201040] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n [ 194.201352] ? srso_return_thunk+0x5/0x5f\n [ 194.201604] ? __virt_addr_valid+0xdf/0x1c0\n [ 194.201868] ? gf128mul_4k_lle+0xc1/0x110\n [ 194.202128] kasan_report+0xc8/0x150\n [ 194.202361] ? gf128mul_4k_lle+0xc1/0x110\n [ 194.202616] gf128mul_4k_lle+0xc1/0x110\n [ 194.202863] ghash_update+0x184/0x210\n [ 194.203103] shash_ahash_update+0x184/0x2a0\n [ 194.203377] ? __pfx_shash_ahash_update+0x10/0x10\n [ 194.203651] ? srso_return_thunk+0x5/0x5f\n [ 194.203877] ? crypto_gcm_init_common+0x1ba/0x340\n [ 194.204142] gcm_hash_assoc_remain_continue+0x10a/0x140\n [ 194.204434] crypt_message+0xec1/0x10a0 [cifs]\n [ 194.206489] ? __pfx_crypt_message+0x10/0x10 [cifs]\n [ 194.208507] ? srso_return_thunk+0x5/0x5f\n [ 194.209205] ? srso_return_thunk+0x5/0x5f\n [ 194.209925] ? srso_return_thunk+0x5/0x5f\n [ 194.210443] ? srso_return_thunk+0x5/0x5f\n [ 194.211037] decrypt_raw_data+0x15f/0x250 [cifs]\n [ 194.212906] ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n [ 194.214670] ? srso_return_thunk+0x5/0x5f\n [ 194.215193] smb2_decrypt_offload+0x12a/0x6c0 [cifs]\n\nThis is because TFM is being used in parallel.\n\nFix this by allocating a new AEAD TFM for async decryption, but keep\nthe existing one for synchronous READ cases (similar to what is done\nin smb3_calc_signature()).\n\nAlso remove the calls to aead_request_set_callback() and\ncrypto_wait_req() since it's always going to be a synchronous operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50047", url: "https://www.suse.com/security/cve/CVE-2024-50047", }, { category: "external", summary: "SUSE Bug 1232418 for CVE-2024-50047", url: "https://bugzilla.suse.com/1232418", }, { category: "external", summary: "SUSE Bug 1232576 for CVE-2024-50047", url: "https://bugzilla.suse.com/1232576", }, { category: "external", summary: "SUSE Bug 1232638 for CVE-2024-50047", url: "https://bugzilla.suse.com/1232638", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50047", }, { cve: "CVE-2024-50048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50048", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbcon: Fix a NULL pointer dereference issue in fbcon_putcs\n\nsyzbot has found a NULL pointer dereference bug in fbcon.\nHere is the simplified C reproducer:\n\nstruct param {\n\tuint8_t type;\n\tstruct tiocl_selection ts;\n};\n\nint main()\n{\n\tstruct fb_con2fbmap con2fb;\n\tstruct param param;\n\n\tint fd = open(\"/dev/fb1\", 0, 0);\n\n\tcon2fb.console = 0x19;\n\tcon2fb.framebuffer = 0;\n\tioctl(fd, FBIOPUT_CON2FBMAP, &con2fb);\n\n\tparam.type = 2;\n\tparam.ts.xs = 0; param.ts.ys = 0;\n\tparam.ts.xe = 0; param.ts.ye = 0;\n\tparam.ts.sel_mode = 0;\n\n\tint fd1 = open(\"/dev/tty1\", O_RDWR, 0);\n\tioctl(fd1, TIOCLINUX, ¶m);\n\n\tcon2fb.console = 1;\n\tcon2fb.framebuffer = 0;\n\tioctl(fd, FBIOPUT_CON2FBMAP, &con2fb);\n\n\treturn 0;\n}\n\nAfter calling ioctl(fd1, TIOCLINUX, ¶m), the subsequent ioctl(fd, FBIOPUT_CON2FBMAP, &con2fb)\ncauses the kernel to follow a different execution path:\n\n set_con2fb_map\n -> con2fb_init_display\n -> fbcon_set_disp\n -> redraw_screen\n -> hide_cursor\n -> clear_selection\n -> highlight\n -> invert_screen\n -> do_update_region\n -> fbcon_putcs\n -> ops->putcs\n\nSince ops->putcs is a NULL pointer, this leads to a kernel panic.\nTo prevent this, we need to call set_blitting_type() within set_con2fb_map()\nto properly initialize ops->putcs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50048", url: "https://www.suse.com/security/cve/CVE-2024-50048", }, { category: "external", summary: "SUSE Bug 1232310 for CVE-2024-50048", url: "https://bugzilla.suse.com/1232310", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50048", }, { cve: "CVE-2024-50049", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50049", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointer before dereferencing se\n\n[WHAT & HOW]\nse is null checked previously in the same function, indicating\nit might be null; therefore, it must be checked when used again.\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50049", url: "https://www.suse.com/security/cve/CVE-2024-50049", }, { category: "external", summary: "SUSE Bug 1232309 for CVE-2024-50049", url: "https://bugzilla.suse.com/1232309", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50049", }, { cve: "CVE-2024-50055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50055", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: bus: Fix double free in driver API bus_register()\n\nFor bus_register(), any error which happens after kset_register() will\ncause that @priv are freed twice, fixed by setting @priv with NULL after\nthe first free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50055", url: "https://www.suse.com/security/cve/CVE-2024-50055", }, { category: "external", summary: "SUSE Bug 1232329 for CVE-2024-50055", url: "https://bugzilla.suse.com/1232329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50055", }, { cve: "CVE-2024-50056", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50056", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: 'fmtdesc' dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: 'fmtdesc' dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50056", url: "https://www.suse.com/security/cve/CVE-2024-50056", }, { category: "external", summary: "SUSE Bug 1232389 for CVE-2024-50056", url: "https://bugzilla.suse.com/1232389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50056", }, { cve: "CVE-2024-50057", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50057", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tipd: Free IRQ only if it was requested before\n\nIn polling mode, if no IRQ was requested there is no need to free it.\nCall devm_free_irq() only if client->irq is set. This fixes the warning\ncaused by the tps6598x module removal:\n\nWARNING: CPU: 2 PID: 333 at kernel/irq/devres.c:144 devm_free_irq+0x80/0x8c\n...\n...\nCall trace:\n devm_free_irq+0x80/0x8c\n tps6598x_remove+0x28/0x88 [tps6598x]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x50/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n tps6598x_i2c_driver_exit+0x18/0xc3c [tps6598x]\n __arm64_sys_delete_module+0x184/0x264\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0xc8/0xe8\n do_el0_svc+0x20/0x2c\n el0_svc+0x28/0x98\n el0t_64_sync_handler+0x13c/0x158\n el0t_64_sync+0x190/0x194", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50057", url: "https://www.suse.com/security/cve/CVE-2024-50057", }, { category: "external", summary: "SUSE Bug 1232393 for CVE-2024-50057", url: "https://bugzilla.suse.com/1232393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50057", }, { cve: "CVE-2024-50058", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50058", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: protect uart_port_dtr_rts() in uart_shutdown() too\n\nCommit af224ca2df29 (serial: core: Prevent unsafe uart port access, part\n3) added few uport == NULL checks. It added one to uart_shutdown(), so\nthe commit assumes, uport can be NULL in there. But right after that\nprotection, there is an unprotected \"uart_port_dtr_rts(uport, false);\"\ncall. That is invoked only if HUPCL is set, so I assume that is the\nreason why we do not see lots of these reports.\n\nOr it cannot be NULL at this point at all for some reason :P.\n\nUntil the above is investigated, stay on the safe side and move this\ndereference to the if too.\n\nI got this inconsistency from Coverity under CID 1585130. Thanks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50058", url: "https://www.suse.com/security/cve/CVE-2024-50058", }, { category: "external", summary: "SUSE Bug 1232285 for CVE-2024-50058", url: "https://bugzilla.suse.com/1232285", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50058", }, { cve: "CVE-2024-50059", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50059", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition\n\nIn the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev\nfunction, then &sndev->check_link_status_work is bound with\ncheck_link_status_work. switchtec_ntb_link_notification may be called\nto start the work.\n\nIf we remove the module which will call switchtec_ntb_remove to make\ncleanup, it will free sndev through kfree(sndev), while the work\nmentioned above will be used. The sequence of operations that may lead\nto a UAF bug is as follows:\n\nCPU0 CPU1\n\n | check_link_status_work\nswitchtec_ntb_remove |\nkfree(sndev); |\n | if (sndev->link_force_down)\n | // use sndev\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in switchtec_ntb_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50059", url: "https://www.suse.com/security/cve/CVE-2024-50059", }, { category: "external", summary: "SUSE Bug 1232345 for CVE-2024-50059", url: "https://bugzilla.suse.com/1232345", }, { category: "external", summary: "SUSE Bug 1232348 for CVE-2024-50059", url: "https://bugzilla.suse.com/1232348", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50059", }, { cve: "CVE-2024-50060", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50060", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check if we need to reschedule during overflow flush\n\nIn terms of normal application usage, this list will always be empty.\nAnd if an application does overflow a bit, it'll have a few entries.\nHowever, nothing obviously prevents syzbot from running a test case\nthat generates a ton of overflow entries, and then flushing them can\ntake quite a while.\n\nCheck for needing to reschedule while flushing, and drop our locks and\ndo so if necessary. There's no state to maintain here as overflows\nalways prune from head-of-list, hence it's fine to drop and reacquire\nthe locks at the end of the loop.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50060", url: "https://www.suse.com/security/cve/CVE-2024-50060", }, { category: "external", summary: "SUSE Bug 1232417 for CVE-2024-50060", url: "https://bugzilla.suse.com/1232417", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-50060", }, { cve: "CVE-2024-50061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50061", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition\n\nIn the cdns_i3c_master_probe function, &master->hj_work is bound with\ncdns_i3c_master_hj. And cdns_i3c_master_interrupt can call\ncnds_i3c_master_demux_ibis function to start the work.\n\nIf we remove the module which will call cdns_i3c_master_remove to\nmake cleanup, it will free master->base through i3c_master_unregister\nwhile the work mentioned above will be used. The sequence of operations\nthat may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | cdns_i3c_master_hj\ncdns_i3c_master_remove |\ni3c_master_unregister(&master->base) |\ndevice_unregister(&master->dev) |\ndevice_release |\n//free master->base |\n | i3c_master_do_daa(&master->base)\n | //use master->base\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in cdns_i3c_master_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50061", url: "https://www.suse.com/security/cve/CVE-2024-50061", }, { category: "external", summary: "SUSE Bug 1232263 for CVE-2024-50061", url: "https://bugzilla.suse.com/1232263", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50061", }, { cve: "CVE-2024-50062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50062", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs-srv: Avoid null pointer deref during path establishment\n\nFor RTRS path establishment, RTRS client initiates and completes con_num\nof connections. After establishing all its connections, the information\nis exchanged between the client and server through the info_req message.\nDuring this exchange, it is essential that all connections have been\nestablished, and the state of the RTRS srv path is CONNECTED.\n\nSo add these sanity checks, to make sure we detect and abort process in\nerror scenarios to avoid null pointer deref.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50062", url: "https://www.suse.com/security/cve/CVE-2024-50062", }, { category: "external", summary: "SUSE Bug 1232232 for CVE-2024-50062", url: "https://bugzilla.suse.com/1232232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50062", }, { cve: "CVE-2024-50063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50063", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tail call between progs attached to different hooks\n\nbpf progs can be attached to kernel functions, and the attached functions\ncan take different parameters or return different return values. If\nprog attached to one kernel function tail calls prog attached to another\nkernel function, the ctx access or return value verification could be\nbypassed.\n\nFor example, if prog1 is attached to func1 which takes only 1 parameter\nand prog2 is attached to func2 which takes two parameters. Since verifier\nassumes the bpf ctx passed to prog2 is constructed based on func2's\nprototype, verifier allows prog2 to access the second parameter from\nthe bpf ctx passed to it. The problem is that verifier does not prevent\nprog1 from passing its bpf ctx to prog2 via tail call. In this case,\nthe bpf ctx passed to prog2 is constructed from func1 instead of func2,\nthat is, the assumption for ctx access verification is bypassed.\n\nAnother example, if BPF LSM prog1 is attached to hook file_alloc_security,\nand BPF LSM prog2 is attached to hook bpf_lsm_audit_rule_known. Verifier\nknows the return value rules for these two hooks, e.g. it is legal for\nbpf_lsm_audit_rule_known to return positive number 1, and it is illegal\nfor file_alloc_security to return positive number. So verifier allows\nprog2 to return positive number 1, but does not allow prog1 to return\npositive number. The problem is that verifier does not prevent prog1\nfrom calling prog2 via tail call. In this case, prog2's return value 1\nwill be used as the return value for prog1's hook file_alloc_security.\nThat is, the return value rule is bypassed.\n\nThis patch adds restriction for tail call to prevent such bypasses.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50063", url: "https://www.suse.com/security/cve/CVE-2024-50063", }, { category: "external", summary: "SUSE Bug 1232435 for CVE-2024-50063", url: "https://bugzilla.suse.com/1232435", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50063", }, { cve: "CVE-2024-50064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50064", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: free secondary algorithms names\n\nWe need to kfree() secondary algorithms names when reset zram device that\nhad multi-streams, otherwise we leak memory.\n\n[senozhatsky@chromium.org: kfree(NULL) is legal]\n Link: https://lkml.kernel.org/r/20240917013021.868769-1-senozhatsky@chromium.org", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50064", url: "https://www.suse.com/security/cve/CVE-2024-50064", }, { category: "external", summary: "SUSE Bug 1231901 for CVE-2024-50064", url: "https://bugzilla.suse.com/1231901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50064", }, { cve: "CVE-2024-50065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50065", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: Change to non-blocking allocation in ntfs_d_hash\n\nd_hash is done while under \"rcu-walk\" and should not sleep.\n__get_name() allocates using GFP_KERNEL, having the possibility\nto sleep when under memory pressure. Change the allocation to\nGFP_NOWAIT.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50065", url: "https://www.suse.com/security/cve/CVE-2024-50065", }, { category: "external", summary: "SUSE Bug 1231899 for CVE-2024-50065", url: "https://bugzilla.suse.com/1231899", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50065", }, { cve: "CVE-2024-50066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50066", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mremap: fix move_normal_pmd/retract_page_tables race\n\nIn mremap(), move_page_tables() looks at the type of the PMD entry and the\nspecified address range to figure out by which method the next chunk of\npage table entries should be moved.\n\nAt that point, the mmap_lock is held in write mode, but no rmap locks are\nheld yet. For PMD entries that point to page tables and are fully covered\nby the source address range, move_pgt_entry(NORMAL_PMD, ...) is called,\nwhich first takes rmap locks, then does move_normal_pmd(). \nmove_normal_pmd() takes the necessary page table locks at source and\ndestination, then moves an entire page table from the source to the\ndestination.\n\nThe problem is: The rmap locks, which protect against concurrent page\ntable removal by retract_page_tables() in the THP code, are only taken\nafter the PMD entry has been read and it has been decided how to move it. \nSo we can race as follows (with two processes that have mappings of the\nsame tmpfs file that is stored on a tmpfs mount with huge=advise); note\nthat process A accesses page tables through the MM while process B does it\nthrough the file rmap:\n\nprocess A process B\n========= =========\nmremap\n mremap_to\n move_vma\n move_page_tables\n get_old_pmd\n alloc_new_pmd\n *** PREEMPT ***\n madvise(MADV_COLLAPSE)\n do_madvise\n madvise_walk_vmas\n madvise_vma_behavior\n madvise_collapse\n hpage_collapse_scan_file\n collapse_file\n retract_page_tables\n i_mmap_lock_read(mapping)\n pmdp_collapse_flush\n i_mmap_unlock_read(mapping)\n move_pgt_entry(NORMAL_PMD, ...)\n take_rmap_locks\n move_normal_pmd\n drop_rmap_locks\n\nWhen this happens, move_normal_pmd() can end up creating bogus PMD entries\nin the line `pmd_populate(mm, new_pmd, pmd_pgtable(pmd))`. The effect\ndepends on arch-specific and machine-specific details; on x86, you can end\nup with physical page 0 mapped as a page table, which is likely\nexploitable for user->kernel privilege escalation.\n\nFix the race by letting process B recheck that the PMD still points to a\npage table after the rmap locks have been taken. Otherwise, we bail and\nlet the caller fall back to the PTE-level copying path, which will then\nbail immediately at the pmd_none() check.\n\nBug reachability: Reaching this bug requires that you can create\nshmem/file THP mappings - anonymous THP uses different code that doesn't\nzap stuff under rmap locks. File THP is gated on an experimental config\nflag (CONFIG_READ_ONLY_THP_FOR_FS), so on normal distro kernels you need\nshmem THP to hit this bug. As far as I know, getting shmem THP normally\nrequires that you can mount your own tmpfs with the right mount flags,\nwhich would require creating your own user+mount namespace; though I don't\nknow if some distros maybe enable shmem THP by default or something like\nthat.\n\nBug impact: This issue can likely be used for user->kernel privilege\nescalation when it is reachable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50066", url: "https://www.suse.com/security/cve/CVE-2024-50066", }, { category: "external", summary: "SUSE Bug 1232078 for CVE-2024-50066", url: "https://bugzilla.suse.com/1232078", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50066", }, { cve: "CVE-2024-50067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50067", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobe: avoid out-of-bounds memory access of fetching args\n\nUprobe needs to fetch args into a percpu buffer, and then copy to ring\nbuffer to avoid non-atomic context problem.\n\nSometimes user-space strings, arrays can be very large, but the size of\npercpu buffer is only page size. And store_trace_args() won't check\nwhether these data exceeds a single page or not, caused out-of-bounds\nmemory access.\n\nIt could be reproduced by following steps:\n1. build kernel with CONFIG_KASAN enabled\n2. save follow program as test.c\n\n```\n\\#include <stdio.h>\n\\#include <stdlib.h>\n\\#include <string.h>\n\n// If string length large than MAX_STRING_SIZE, the fetch_store_strlen()\n// will return 0, cause __get_data_size() return shorter size, and\n// store_trace_args() will not trigger out-of-bounds access.\n// So make string length less than 4096.\n\\#define STRLEN 4093\n\nvoid generate_string(char *str, int n)\n{\n int i;\n for (i = 0; i < n; ++i)\n {\n char c = i % 26 + 'a';\n str[i] = c;\n }\n str[n-1] = '\\0';\n}\n\nvoid print_string(char *str)\n{\n printf(\"%s\\n\", str);\n}\n\nint main()\n{\n char tmp[STRLEN];\n\n generate_string(tmp, STRLEN);\n print_string(tmp);\n\n return 0;\n}\n```\n3. compile program\n`gcc -o test test.c`\n\n4. get the offset of `print_string()`\n```\nobjdump -t test | grep -w print_string\n0000000000401199 g F .text 000000000000001b print_string\n```\n\n5. configure uprobe with offset 0x1199\n```\noff=0x1199\n\ncd /sys/kernel/debug/tracing/\necho \"p /root/test:${off} arg1=+0(%di):ustring arg2=\\$comm arg3=+0(%di):ustring\"\n > uprobe_events\necho 1 > events/uprobes/enable\necho 1 > tracing_on\n```\n\n6. run `test`, and kasan will report error.\n==================================================================\nBUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0\nWrite of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18\nHardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014\nCall Trace:\n <TASK>\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x27/0x310\n kasan_report+0x10f/0x120\n ? strncpy_from_user+0x1d6/0x1f0\n strncpy_from_user+0x1d6/0x1f0\n ? rmqueue.constprop.0+0x70d/0x2ad0\n process_fetch_insn+0xb26/0x1470\n ? __pfx_process_fetch_insn+0x10/0x10\n ? _raw_spin_lock+0x85/0xe0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __pte_offset_map+0x1f/0x2d0\n ? unwind_next_frame+0xc5f/0x1f80\n ? arch_stack_walk+0x68/0xf0\n ? is_bpf_text_address+0x23/0x30\n ? kernel_text_address.part.0+0xbb/0xd0\n ? __kernel_text_address+0x66/0xb0\n ? unwind_get_return_address+0x5e/0xa0\n ? __pfx_stack_trace_consume_entry+0x10/0x10\n ? arch_stack_walk+0xa2/0xf0\n ? _raw_spin_lock_irqsave+0x8b/0xf0\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? depot_alloc_stack+0x4c/0x1f0\n ? _raw_spin_unlock_irqrestore+0xe/0x30\n ? stack_depot_save_flags+0x35d/0x4f0\n ? kasan_save_stack+0x34/0x50\n ? kasan_save_stack+0x24/0x50\n ? mutex_lock+0x91/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n prepare_uprobe_buffer.part.0+0x2cd/0x500\n uprobe_dispatcher+0x2c3/0x6a0\n ? __pfx_uprobe_dispatcher+0x10/0x10\n ? __kasan_slab_alloc+0x4d/0x90\n handler_chain+0xdd/0x3e0\n handle_swbp+0x26e/0x3d0\n ? __pfx_handle_swbp+0x10/0x10\n ? uprobe_pre_sstep_notifier+0x151/0x1b0\n irqentry_exit_to_user_mode+0xe2/0x1b0\n asm_exc_int3+0x39/0x40\nRIP: 0033:0x401199\nCode: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce\nRSP: 002b:00007ffdf00576a8 EFLAGS: 00000206\nRAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2\nRDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0\nRBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20\nR10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040\nR13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000\n </TASK>\n\nThis commit enforces the buffer's maxlen less than a page-size to avoid\nstore_trace_args() out-of-memory access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50067", url: "https://www.suse.com/security/cve/CVE-2024-50067", }, { category: "external", summary: "SUSE Bug 1232416 for CVE-2024-50067", url: "https://bugzilla.suse.com/1232416", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50067", }, { cve: "CVE-2024-50068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50068", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets()\n\nThe sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not\nfreed in damon_sysfs_test_add_targets(), which cause the following memory\nleak, free it to fix it.\n\n\tunreferenced object 0xffffff80c2a8db80 (size 96):\n\t comm \"kunit_try_catch\", pid 187, jiffies 4294894363\n\t hex dump (first 32 bytes):\n\t 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n\t 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n\t backtrace (crc 0):\n\t [<0000000001e3714d>] kmemleak_alloc+0x34/0x40\n\t [<000000008e6835c1>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000001286d9f8>] damon_sysfs_test_add_targets+0x1cc/0x738\n\t [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000adf936cf>] kthread+0x2e8/0x374\n\t [<0000000041bb1628>] ret_from_fork+0x10/0x20", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50068", url: "https://www.suse.com/security/cve/CVE-2024-50068", }, { category: "external", summary: "SUSE Bug 1232512 for CVE-2024-50068", url: "https://bugzilla.suse.com/1232512", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50068", }, { cve: "CVE-2024-50069", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50069", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: apple: check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this returned\nvalue is not checked. Fix this lack and check the returned value.\n\nFound by code review.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50069", url: "https://www.suse.com/security/cve/CVE-2024-50069", }, { category: "external", summary: "SUSE Bug 1232511 for CVE-2024-50069", url: "https://bugzilla.suse.com/1232511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50069", }, { cve: "CVE-2024-50070", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50070", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: stm32: check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this returned\nvalue is not checked. Fix this lack and check the returned value.\n\nFound by code review.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50070", url: "https://www.suse.com/security/cve/CVE-2024-50070", }, { category: "external", summary: "SUSE Bug 1232510 for CVE-2024-50070", url: "https://bugzilla.suse.com/1232510", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50070", }, { cve: "CVE-2024-50071", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50071", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()\n\n'new_map' is allocated using devm_* which takes care of freeing the\nallocated data on device removal, call to\n\n\t.dt_free_map = pinconf_generic_dt_free_map\n\ndouble frees the map as pinconf_generic_dt_free_map() calls\npinctrl_utils_free_map().\n\nFix this by using kcalloc() instead of auto-managed devm_kcalloc().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50071", url: "https://www.suse.com/security/cve/CVE-2024-50071", }, { category: "external", summary: "SUSE Bug 1232509 for CVE-2024-50071", url: "https://bugzilla.suse.com/1232509", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50071", }, { cve: "CVE-2024-50072", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50072", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/bugs: Use code segment selector for VERW operand\n\nRobert Gill reported below #GP in 32-bit mode when dosemu software was\nexecuting vm86() system call:\n\n general protection fault: 0000 [#1] PREEMPT SMP\n CPU: 4 PID: 4610 Comm: dosemu.bin Not tainted 6.6.21-gentoo-x86 #1\n Hardware name: Dell Inc. PowerEdge 1950/0H723K, BIOS 2.7.0 10/30/2010\n EIP: restore_all_switch_stack+0xbe/0xcf\n EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 00000000\n ESI: 00000000 EDI: 00000000 EBP: 00000000 ESP: ff8affdc\n DS: 0000 ES: 0000 FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010046\n CR0: 80050033 CR2: 00c2101c CR3: 04b6d000 CR4: 000406d0\n Call Trace:\n show_regs+0x70/0x78\n die_addr+0x29/0x70\n exc_general_protection+0x13c/0x348\n exc_bounds+0x98/0x98\n handle_exception+0x14d/0x14d\n exc_bounds+0x98/0x98\n restore_all_switch_stack+0xbe/0xcf\n exc_bounds+0x98/0x98\n restore_all_switch_stack+0xbe/0xcf\n\nThis only happens in 32-bit mode when VERW based mitigations like MDS/RFDS\nare enabled. This is because segment registers with an arbitrary user value\ncan result in #GP when executing VERW. Intel SDM vol. 2C documents the\nfollowing behavior for VERW instruction:\n\n #GP(0) - If a memory operand effective address is outside the CS, DS, ES,\n\t FS, or GS segment limit.\n\nCLEAR_CPU_BUFFERS macro executes VERW instruction before returning to user\nspace. Use %cs selector to reference VERW operand. This ensures VERW will\nnot #GP for an arbitrary user %ds.\n\n[ mingo: Fixed the SOB chain. ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50072", url: "https://www.suse.com/security/cve/CVE-2024-50072", }, { category: "external", summary: "SUSE Bug 1232513 for CVE-2024-50072", url: "https://bugzilla.suse.com/1232513", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50072", }, { cve: "CVE-2024-50073", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50073", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n <TASK>\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50073", url: "https://www.suse.com/security/cve/CVE-2024-50073", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-50073", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232520 for CVE-2024-50073", url: "https://bugzilla.suse.com/1232520", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50073", }, { cve: "CVE-2024-50074", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50074", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nparport: Proper fix for array out-of-bounds access\n\nThe recent fix for array out-of-bounds accesses replaced sprintf()\ncalls blindly with snprintf(). However, since snprintf() returns the\nwould-be-printed size, not the actually output size, the length\ncalculation can still go over the given limit.\n\nUse scnprintf() instead of snprintf(), which returns the actually\noutput letters, for addressing the potential out-of-bounds access\nproperly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50074", url: "https://www.suse.com/security/cve/CVE-2024-50074", }, { category: "external", summary: "SUSE Bug 1232507 for CVE-2024-50074", url: "https://bugzilla.suse.com/1232507", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50074", }, { cve: "CVE-2024-50075", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50075", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: tegra: fix checked USB2 port number\n\nIf USB virtualizatoin is enabled, USB2 ports are shared between all\nVirtual Functions. The USB2 port number owned by an USB2 root hub in\na Virtual Function may be less than total USB2 phy number supported\nby the Tegra XUSB controller.\n\nUsing total USB2 phy number as port number to check all PORTSC values\nwould cause invalid memory access.\n\n[ 116.923438] Unable to handle kernel paging request at virtual address 006c622f7665642f\n...\n[ 117.213640] Call trace:\n[ 117.216783] tegra_xusb_enter_elpg+0x23c/0x658\n[ 117.222021] tegra_xusb_runtime_suspend+0x40/0x68\n[ 117.227260] pm_generic_runtime_suspend+0x30/0x50\n[ 117.232847] __rpm_callback+0x84/0x3c0\n[ 117.237038] rpm_suspend+0x2dc/0x740\n[ 117.241229] pm_runtime_work+0xa0/0xb8\n[ 117.245769] process_scheduled_works+0x24c/0x478\n[ 117.251007] worker_thread+0x23c/0x328\n[ 117.255547] kthread+0x104/0x1b0\n[ 117.259389] ret_from_fork+0x10/0x20\n[ 117.263582] Code: 54000222 f9461ae8 f8747908 b4ffff48 (f9400100)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50075", url: "https://www.suse.com/security/cve/CVE-2024-50075", }, { category: "external", summary: "SUSE Bug 1232506 for CVE-2024-50075", url: "https://bugzilla.suse.com/1232506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50075", }, { cve: "CVE-2024-50076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50076", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: prevent kernel-infoleak in con_font_get()\n\nfont.data may not initialize all memory spaces depending on the implementation\nof vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it\nis safest to modify it to initialize the allocated memory space to 0, and it\ngenerally does not affect the overall performance of the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50076", url: "https://www.suse.com/security/cve/CVE-2024-50076", }, { category: "external", summary: "SUSE Bug 1232505 for CVE-2024-50076", url: "https://bugzilla.suse.com/1232505", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50076", }, { cve: "CVE-2024-50077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50077", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix multiple init when debugfs is disabled\n\nIf bt_debugfs is not created successfully, which happens if either\nCONFIG_DEBUG_FS or CONFIG_DEBUG_FS_ALLOW_ALL is unset, then iso_init()\nreturns early and does not set iso_inited to true. This means that a\nsubsequent call to iso_init() will result in duplicate calls to\nproto_register(), bt_sock_register(), etc.\n\nWith CONFIG_LIST_HARDENED and CONFIG_BUG_ON_DATA_CORRUPTION enabled, the\nduplicate call to proto_register() triggers this BUG():\n\n list_add double add: new=ffffffffc0b280d0, prev=ffffffffbab56250,\n next=ffffffffc0b280d0.\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:35!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 2 PID: 887 Comm: bluetoothd Not tainted 6.10.11-1-ao-desktop #1\n RIP: 0010:__list_add_valid_or_report+0x9a/0xa0\n ...\n __list_add_valid_or_report+0x9a/0xa0\n proto_register+0x2b5/0x340\n iso_init+0x23/0x150 [bluetooth]\n set_iso_socket_func+0x68/0x1b0 [bluetooth]\n kmem_cache_free+0x308/0x330\n hci_sock_sendmsg+0x990/0x9e0 [bluetooth]\n __sock_sendmsg+0x7b/0x80\n sock_write_iter+0x9a/0x110\n do_iter_readv_writev+0x11d/0x220\n vfs_writev+0x180/0x3e0\n do_writev+0xca/0x100\n ...\n\nThis change removes the early return. The check for iso_debugfs being\nNULL was unnecessary, it is always NULL when iso_inited is false.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50077", url: "https://www.suse.com/security/cve/CVE-2024-50077", }, { category: "external", summary: "SUSE Bug 1232504 for CVE-2024-50077", url: "https://bugzilla.suse.com/1232504", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50077", }, { cve: "CVE-2024-50078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50078", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Call iso_exit() on module unload\n\nIf iso_init() has been called, iso_exit() must be called on module\nunload. Without that, the struct proto that iso_init() registered with\nproto_register() becomes invalid, which could cause unpredictable\nproblems later. In my case, with CONFIG_LIST_HARDENED and\nCONFIG_BUG_ON_DATA_CORRUPTION enabled, loading the module again usually\ntriggers this BUG():\n\n list_add corruption. next->prev should be prev (ffffffffb5355fd0),\n but was 0000000000000068. (next=ffffffffc0a010d0).\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:29!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 4159 Comm: modprobe Not tainted 6.10.11-4+bt2-ao-desktop #1\n RIP: 0010:__list_add_valid_or_report+0x61/0xa0\n ...\n __list_add_valid_or_report+0x61/0xa0\n proto_register+0x299/0x320\n hci_sock_init+0x16/0xc0 [bluetooth]\n bt_init+0x68/0xd0 [bluetooth]\n __pfx_bt_init+0x10/0x10 [bluetooth]\n do_one_initcall+0x80/0x2f0\n do_init_module+0x8b/0x230\n __do_sys_init_module+0x15f/0x190\n do_syscall_64+0x68/0x110\n ...", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50078", url: "https://www.suse.com/security/cve/CVE-2024-50078", }, { category: "external", summary: "SUSE Bug 1232503 for CVE-2024-50078", url: "https://bugzilla.suse.com/1232503", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50078", }, { cve: "CVE-2024-50079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50079", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work\n\nWhen the sqpoll is exiting and cancels pending work items, it may need\nto run task_work. If this happens from within io_uring_cancel_generic(),\nthen it may be under waiting for the io_uring_task waitqueue. This\nresults in the below splat from the scheduler, as the ring mutex may be\nattempted grabbed while in a TASK_INTERRUPTIBLE state.\n\nEnsure that the task state is set appropriately for that, just like what\nis done for the other cases in io_run_task_work().\n\ndo not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000029387fd2>] prepare_to_wait+0x88/0x2fc\nWARNING: CPU: 6 PID: 59939 at kernel/sched/core.c:8561 __might_sleep+0xf4/0x140\nModules linked in:\nCPU: 6 UID: 0 PID: 59939 Comm: iou-sqp-59938 Not tainted 6.12.0-rc3-00113-g8d020023b155 #7456\nHardware name: linux,dummy-virt (DT)\npstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\npc : __might_sleep+0xf4/0x140\nlr : __might_sleep+0xf4/0x140\nsp : ffff80008c5e7830\nx29: ffff80008c5e7830 x28: ffff0000d93088c0 x27: ffff60001c2d7230\nx26: dfff800000000000 x25: ffff0000e16b9180 x24: ffff80008c5e7a50\nx23: 1ffff000118bcf4a x22: ffff0000e16b9180 x21: ffff0000e16b9180\nx20: 000000000000011b x19: ffff80008310fac0 x18: 1ffff000118bcd90\nx17: 30303c5b20746120 x16: 74657320313d6574 x15: 0720072007200720\nx14: 0720072007200720 x13: 0720072007200720 x12: ffff600036c64f0b\nx11: 1fffe00036c64f0a x10: ffff600036c64f0a x9 : dfff800000000000\nx8 : 00009fffc939b0f6 x7 : ffff0001b6327853 x6 : 0000000000000001\nx5 : ffff0001b6327850 x4 : ffff600036c64f0b x3 : ffff8000803c35bc\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000e16b9180\nCall trace:\n __might_sleep+0xf4/0x140\n mutex_lock+0x84/0x124\n io_handle_tw_list+0xf4/0x260\n tctx_task_work_run+0x94/0x340\n io_run_task_work+0x1ec/0x3c0\n io_uring_cancel_generic+0x364/0x524\n io_sq_thread+0x820/0x124c\n ret_from_fork+0x10/0x20", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50079", url: "https://www.suse.com/security/cve/CVE-2024-50079", }, { category: "external", summary: "SUSE Bug 1232495 for CVE-2024-50079", url: "https://bugzilla.suse.com/1232495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50079", }, { cve: "CVE-2024-50080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50080", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nublk: don't allow user copy for unprivileged device\n\nUBLK_F_USER_COPY requires userspace to call write() on ublk char\ndevice for filling request buffer, and unprivileged device can't\nbe trusted.\n\nSo don't allow user copy for unprivileged device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50080", url: "https://www.suse.com/security/cve/CVE-2024-50080", }, { category: "external", summary: "SUSE Bug 1232502 for CVE-2024-50080", url: "https://bugzilla.suse.com/1232502", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50080", }, { cve: "CVE-2024-50081", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50081", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: setup queue ->tag_set before initializing hctx\n\nCommit 7b815817aa58 (\"blk-mq: add helper for checking if one CPU is mapped to specified hctx\")\nneeds to check queue mapping via tag set in hctx's cpuhp handler.\n\nHowever, q->tag_set may not be setup yet when the cpuhp handler is\nenabled, then kernel oops is triggered.\n\nFix the issue by setup queue tag_set before initializing hctx.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50081", url: "https://www.suse.com/security/cve/CVE-2024-50081", }, { category: "external", summary: "SUSE Bug 1232501 for CVE-2024-50081", url: "https://bugzilla.suse.com/1232501", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50081", }, { cve: "CVE-2024-50082", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50082", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race\n\nWe're seeing crashes from rq_qos_wake_function that look like this:\n\n BUG: unable to handle page fault for address: ffffafe180a40084\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0\n Oops: Oops: 0002 [#1] PREEMPT SMP PTI\n CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40\n Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 9c 41 5c fa 65 ff 05 62 97 30 4c 31 c0 ba 01 00 00 00 <f0> 0f b1 17 75 0a 4c 89 e0 41 5c c3 cc cc cc cc 89 c6 e8 2c 0b 00\n RSP: 0018:ffffafe180580ca0 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: ffffafe180a3f7a8 RCX: 0000000000000011\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffafe180a40084\n RBP: 0000000000000000 R08: 00000000001e7240 R09: 0000000000000011\n R10: 0000000000000028 R11: 0000000000000888 R12: 0000000000000002\n R13: ffffafe180a40084 R14: 0000000000000000 R15: 0000000000000003\n FS: 0000000000000000(0000) GS:ffff9aaf1f280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffafe180a40084 CR3: 000000010e428002 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n <IRQ>\n try_to_wake_up+0x5a/0x6a0\n rq_qos_wake_function+0x71/0x80\n __wake_up_common+0x75/0xa0\n __wake_up+0x36/0x60\n scale_up.part.0+0x50/0x110\n wb_timer_fn+0x227/0x450\n ...\n\nSo rq_qos_wake_function() calls wake_up_process(data->task), which calls\ntry_to_wake_up(), which faults in raw_spin_lock_irqsave(&p->pi_lock).\n\np comes from data->task, and data comes from the waitqueue entry, which\nis stored on the waiter's stack in rq_qos_wait(). Analyzing the core\ndump with drgn, I found that the waiter had already woken up and moved\non to a completely unrelated code path, clobbering what was previously\ndata->task. Meanwhile, the waker was passing the clobbered garbage in\ndata->task to wake_up_process(), leading to the crash.\n\nWhat's happening is that in between rq_qos_wake_function() deleting the\nwaitqueue entry and calling wake_up_process(), rq_qos_wait() is finding\nthat it already got a token and returning. The race looks like this:\n\nrq_qos_wait() rq_qos_wake_function()\n==============================================================\nprepare_to_wait_exclusive()\n data->got_token = true;\n list_del_init(&curr->entry);\nif (data.got_token)\n break;\nfinish_wait(&rqw->wait, &data.wq);\n ^- returns immediately because\n list_empty_careful(&wq_entry->entry)\n is true\n... return, go do something else ...\n wake_up_process(data->task)\n (NO LONGER VALID!)-^\n\nNormally, finish_wait() is supposed to synchronize against the waker.\nBut, as noted above, it is returning immediately because the waitqueue\nentry has already been removed from the waitqueue.\n\nThe bug is that rq_qos_wake_function() is accessing the waitqueue entry\nAFTER deleting it. Note that autoremove_wake_function() wakes the waiter\nand THEN deletes the waitqueue entry, which is the proper order.\n\nFix it by swapping the order. We also need to use\nlist_del_init_careful() to match the list_empty_careful() in\nfinish_wait().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50082", url: "https://www.suse.com/security/cve/CVE-2024-50082", }, { category: "external", summary: "SUSE Bug 1232500 for CVE-2024-50082", url: "https://bugzilla.suse.com/1232500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50082", }, { cve: "CVE-2024-50083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50083", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix mptcp DSS corruption due to large pmtu xmit\n\nSyzkaller was able to trigger a DSS corruption:\n\n TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Modules linked in:\n CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 <0f> 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff\n RSP: 0018:ffffc90000006db8 EFLAGS: 00010246\n RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00\n RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0\n RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8\n R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000\n R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5\n FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <IRQ>\n move_skbs_to_msk net/mptcp/protocol.c:811 [inline]\n mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854\n subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490\n tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283\n tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5662 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6107\n __napi_poll+0xcb/0x490 net/core/dev.c:6771\n napi_poll net/core/dev.c:6840 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6962\n handle_softirqs+0x2c5/0x980 kernel/softirq.c:554\n do_softirq+0x11b/0x1e0 kernel/softirq.c:455\n </IRQ>\n <TASK>\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451\n dev_queue_xmit include/linux/netdevice.h:3094 [inline]\n neigh_hh_output include/net/neighbour.h:526 [inline]\n neigh_output include/net/neighbour.h:540 [inline]\n ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536\n __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline]\n tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752\n __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015\n tcp_push_pending_frames include/net/tcp.h:2107 [inline]\n tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline]\n tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n sk_backlog_rcv include/net/sock.h:1113 [inline]\n __release_sock+0x214/0x350 net/core/sock.c:3072\n release_sock+0x61/0x1f0 net/core/sock.c:3626\n mptcp_push_\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50083", url: "https://www.suse.com/security/cve/CVE-2024-50083", }, { category: "external", summary: "SUSE Bug 1232493 for CVE-2024-50083", url: "https://bugzilla.suse.com/1232493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50083", }, { cve: "CVE-2024-50084", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50084", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()\n\nCommit a3c1e45156ad (\"net: microchip: vcap: Fix use-after-free error in\nkunit test\") fixed the use-after-free error, but introduced below\nmemory leaks by removing necessary vcap_free_rule(), add it to fix it.\n\n\tunreferenced object 0xffffff80ca58b700 (size 192):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898264\n\t hex dump (first 32 bytes):\n\t 00 12 7a 00 05 00 00 00 0a 00 00 00 64 00 00 00 ..z.........d...\n\t 00 00 00 00 00 00 00 00 00 04 0b cc 80 ff ff ff ................\n\t backtrace (crc 9c09c3fe):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<0000000040a01b8d>] vcap_alloc_rule+0x3cc/0x9c4\n\t [<000000003fe86110>] vcap_api_encode_rule_test+0x1ac/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0400 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898265\n\t hex dump (first 32 bytes):\n\t 80 04 0b cc 80 ff ff ff 18 b7 58 ca 80 ff ff ff ..........X.....\n\t 39 00 00 00 02 00 00 00 06 05 04 03 02 01 ff ff 9...............\n\t backtrace (crc daf014e9):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528\n\t [<00000000dfdb1e81>] vcap_api_encode_rule_test+0x224/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0700 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898265\n\t hex dump (first 32 bytes):\n\t 80 07 0b cc 80 ff ff ff 28 b7 58 ca 80 ff ff ff ........(.X.....\n\t 3c 00 00 00 00 00 00 00 01 2f 03 b3 ec ff ff ff <......../......\n\t backtrace (crc 8d877792):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000006eadfab7>] vcap_rule_add_action+0x2d0/0x52c\n\t [<00000000323475d1>] vcap_api_encode_rule_test+0x4d4/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0900 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898266\n\t hex dump (first 32 bytes):\n\t 80 09 0b cc 80 ff ff ff 80 06 0b cc 80 ff ff ff ................\n\t 7d 00 00 00 01 00 00 00 00 00 00 00 ff 00 00 00 }...............\n\t backtrace (crc 34181e56):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528\n\t [<00000000991e3564>] vcap_val_rule+0xcf0/0x13e8\n\t [<00000000fc9868e5>] vcap_api_encode_rule_test+0x678/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0980 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898266\n\t hex dump (first 32 bytes):\n\t 18 b7 58 ca 80 ff ff ff 00 09 0b cc 80 ff ff ff ..X.............\n\t 67 00 00 00 00 00 00 00 01 01 74 88 c0 ff ff ff g.........t.....\n\t backtrace (crc 275fd9be):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528\n\t [<000000001396a1a2>] test_add_de\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50084", url: "https://www.suse.com/security/cve/CVE-2024-50084", }, { category: "external", summary: "SUSE Bug 1232494 for CVE-2024-50084", url: "https://bugzilla.suse.com/1232494", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50084", }, { cve: "CVE-2024-50085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50085", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow\n\nSyzkaller reported this splat:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662\n\n CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline]\n mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572\n mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg net/socket.c:744 [inline]\n ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661\n __sys_sendmsg+0x117/0x1f0 net/socket.c:2690\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n RIP: 0023:0xf7fe4579\n Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00\n RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172\n RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n </TASK>\n\n Allocated by task 5387:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:878 [inline]\n kzalloc_noprof include/linux/slab.h:1014 [inline]\n subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803\n subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956\n __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline]\n tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167\n mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764\n __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592\n mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642\n mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline]\n mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943\n mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777\n process_one_work+0x958/0x1b30 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/ke\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50085", url: "https://www.suse.com/security/cve/CVE-2024-50085", }, { category: "external", summary: "SUSE Bug 1232508 for CVE-2024-50085", url: "https://bugzilla.suse.com/1232508", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50085", }, { cve: "CVE-2024-50086", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50086", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix user-after-free from session log off\n\nThere is racy issue between smb2 session log off and smb2 session setup.\nIt will cause user-after-free from session log off.\nThis add session_lock when setting SMB2_SESSION_EXPIRED and referece\ncount to session struct not to free session while it is being used.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50086", url: "https://www.suse.com/security/cve/CVE-2024-50086", }, { category: "external", summary: "SUSE Bug 1232521 for CVE-2024-50086", url: "https://bugzilla.suse.com/1232521", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50086", }, { cve: "CVE-2024-50087", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50087", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix uninitialized pointer free on read_alloc_one_name() error\n\nThe function read_alloc_one_name() does not initialize the name field of\nthe passed fscrypt_str struct if kmalloc fails to allocate the\ncorresponding buffer. Thus, it is not guaranteed that\nfscrypt_str.name is initialized when freeing it.\n\nThis is a follow-up to the linked patch that fixes the remaining\ninstances of the bug introduced by commit e43eec81c516 (\"btrfs: use\nstruct qstr instead of name and namelen pairs\").", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50087", url: "https://www.suse.com/security/cve/CVE-2024-50087", }, { category: "external", summary: "SUSE Bug 1232499 for CVE-2024-50087", url: "https://bugzilla.suse.com/1232499", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50087", }, { cve: "CVE-2024-50088", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50088", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix uninitialized pointer free in add_inode_ref()\n\nThe add_inode_ref() function does not initialize the \"name\" struct when\nit is declared. If any of the following calls to \"read_one_inode()\nreturns NULL,\n\n\tdir = read_one_inode(root, parent_objectid);\n\tif (!dir) {\n\t\tret = -ENOENT;\n\t\tgoto out;\n\t}\n\n\tinode = read_one_inode(root, inode_objectid);\n\tif (!inode) {\n\t\tret = -EIO;\n\t\tgoto out;\n\t}\n\nthen \"name.name\" would be freed on \"out\" before being initialized.\n\nout:\n\t...\n\tkfree(name.name);\n\nThis issue was reported by Coverity with CID 1526744.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50088", url: "https://www.suse.com/security/cve/CVE-2024-50088", }, { category: "external", summary: "SUSE Bug 1232498 for CVE-2024-50088", url: "https://bugzilla.suse.com/1232498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50088", }, { cve: "CVE-2024-50089", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50089", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50089", url: "https://www.suse.com/security/cve/CVE-2024-50089", }, { category: "external", summary: "SUSE Bug 1232860 for CVE-2024-50089", url: "https://bugzilla.suse.com/1232860", }, { category: "external", summary: "SUSE Bug 1233250 for CVE-2024-50089", url: "https://bugzilla.suse.com/1233250", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50089", }, { cve: "CVE-2024-50090", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50090", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/oa: Fix overflow in oa batch buffer\n\nBy default xe_bb_create_job() appends a MI_BATCH_BUFFER_END to batch\nbuffer, this is not a problem if batch buffer is only used once but\noa reuses the batch buffer for the same metric and at each call\nit appends a MI_BATCH_BUFFER_END, printing the warning below and then\noverflowing.\n\n[ 381.072016] ------------[ cut here ]------------\n[ 381.072019] xe 0000:00:02.0: [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!\n platform: LUNARLAKE subplatform: 1\n graphics: Xe2_LPG / Xe2_HPG 20.04 step B0\n media: Xe2_LPM / Xe2_HPM 20.00 step B0\n tile: 0 VRAM 0 B\n GT: 0 type 1\n\nSo here checking if batch buffer already have MI_BATCH_BUFFER_END if\nnot append it.\n\nv2:\n- simply fix, suggestion from Ashutosh\n\n(cherry picked from commit 9ba0e0f30ca42a98af3689460063edfb6315718a)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50090", url: "https://www.suse.com/security/cve/CVE-2024-50090", }, { category: "external", summary: "SUSE Bug 1232862 for CVE-2024-50090", url: "https://bugzilla.suse.com/1232862", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50090", }, { cve: "CVE-2024-50091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50091", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndm vdo: don't refer to dedupe_context after releasing it\n\nClear the dedupe_context pointer in a data_vio whenever ownership of\nthe context is lost, so that vdo can't examine it accidentally.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50091", url: "https://www.suse.com/security/cve/CVE-2024-50091", }, { category: "external", summary: "SUSE Bug 1232872 for CVE-2024-50091", url: "https://bugzilla.suse.com/1232872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50091", }, { cve: "CVE-2024-50092", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50092", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: netconsole: fix wrong warning\n\nA warning is triggered when there is insufficient space in the buffer\nfor userdata. However, this is not an issue since userdata will be sent\nin the next iteration.\n\nCurrent warning message:\n\n ------------[ cut here ]------------\n WARNING: CPU: 13 PID: 3013042 at drivers/net/netconsole.c:1122 write_ext_msg+0x3b6/0x3d0\n ? write_ext_msg+0x3b6/0x3d0\n console_flush_all+0x1e9/0x330\n\nThe code incorrectly issues a warning when this_chunk is zero, which is\na valid scenario. The warning should only be triggered when this_chunk\nis negative.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50092", url: "https://www.suse.com/security/cve/CVE-2024-50092", }, { category: "external", summary: "SUSE Bug 1232874 for CVE-2024-50092", url: "https://bugzilla.suse.com/1232874", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50092", }, { cve: "CVE-2024-50093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50093", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: intel: int340x: processor: Fix warning during module unload\n\nThe processor_thermal driver uses pcim_device_enable() to enable a PCI\ndevice, which means the device will be automatically disabled on driver\ndetach. Thus there is no need to call pci_disable_device() again on it.\n\nWith recent PCI device resource management improvements, e.g. commit\nf748a07a0b64 (\"PCI: Remove legacy pcim_release()\"), this problem is\nexposed and triggers the warining below.\n\n [ 224.010735] proc_thermal_pci 0000:00:04.0: disabling already-disabled device\n [ 224.010747] WARNING: CPU: 8 PID: 4442 at drivers/pci/pci.c:2250 pci_disable_device+0xe5/0x100\n ...\n [ 224.010844] Call Trace:\n [ 224.010845] <TASK>\n [ 224.010847] ? show_regs+0x6d/0x80\n [ 224.010851] ? __warn+0x8c/0x140\n [ 224.010854] ? pci_disable_device+0xe5/0x100\n [ 224.010856] ? report_bug+0x1c9/0x1e0\n [ 224.010859] ? handle_bug+0x46/0x80\n [ 224.010862] ? exc_invalid_op+0x1d/0x80\n [ 224.010863] ? asm_exc_invalid_op+0x1f/0x30\n [ 224.010867] ? pci_disable_device+0xe5/0x100\n [ 224.010869] ? pci_disable_device+0xe5/0x100\n [ 224.010871] ? kfree+0x21a/0x2b0\n [ 224.010873] pcim_disable_device+0x20/0x30\n [ 224.010875] devm_action_release+0x16/0x20\n [ 224.010878] release_nodes+0x47/0xc0\n [ 224.010880] devres_release_all+0x9f/0xe0\n [ 224.010883] device_unbind_cleanup+0x12/0x80\n [ 224.010885] device_release_driver_internal+0x1ca/0x210\n [ 224.010887] driver_detach+0x4e/0xa0\n [ 224.010889] bus_remove_driver+0x6f/0xf0\n [ 224.010890] driver_unregister+0x35/0x60\n [ 224.010892] pci_unregister_driver+0x44/0x90\n [ 224.010894] proc_thermal_pci_driver_exit+0x14/0x5f0 [processor_thermal_device_pci]\n ...\n [ 224.010921] ---[ end trace 0000000000000000 ]---\n\nRemove the excess pci_disable_device() calls.\n\n[ rjw: Subject and changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50093", url: "https://www.suse.com/security/cve/CVE-2024-50093", }, { category: "external", summary: "SUSE Bug 1232877 for CVE-2024-50093", url: "https://bugzilla.suse.com/1232877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50093", }, { cve: "CVE-2024-50094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50094", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: Don't invoke xdp_do_flush() from netpoll.\n\nYury reported a crash in the sfc driver originated from\nnetpoll_send_udp(). The netconsole sends a message and then netpoll\ninvokes the driver's NAPI function with a budget of zero. It is\ndedicated to allow driver to free TX resources, that it may have used\nwhile sending the packet.\n\nIn the netpoll case the driver invokes xdp_do_flush() unconditionally,\nleading to crash because bpf_net_context was never assigned.\n\nInvoke xdp_do_flush() only if budget is not zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50094", url: "https://www.suse.com/security/cve/CVE-2024-50094", }, { category: "external", summary: "SUSE Bug 1232875 for CVE-2024-50094", url: "https://bugzilla.suse.com/1232875", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50094", }, { cve: "CVE-2024-50095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50095", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mad: Improve handling of timed out WRs of mad agent\n\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv\nlock for every timed out WRs. This causes heavy locking contention\nwhen higher no. of WRs are to be handled inside timeout handler.\n\nThis leads to softlockup with below trace in some use cases where\nrdma-cm path is used to establish connection between peer nodes\n\nTrace:\n-----\n BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]\n CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE\n ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1\n Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019\n Workqueue: ib_mad1 timeout_sends [ib_core]\n RIP: 0010:__do_softirq+0x78/0x2ac\n RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246\n RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f\n RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b\n RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000\n R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n <IRQ>\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __irq_exit_rcu+0xa1/0xc0\n ? watchdog_timer_fn+0x1b2/0x210\n ? __pfx_watchdog_timer_fn+0x10/0x10\n ? __hrtimer_run_queues+0x127/0x2c0\n ? hrtimer_interrupt+0xfc/0x210\n ? __sysvec_apic_timer_interrupt+0x5c/0x110\n ? sysvec_apic_timer_interrupt+0x37/0x90\n ? asm_sysvec_apic_timer_interrupt+0x16/0x20\n ? __do_softirq+0x78/0x2ac\n ? __do_softirq+0x60/0x2ac\n __irq_exit_rcu+0xa1/0xc0\n sysvec_call_function_single+0x72/0x90\n </IRQ>\n <TASK>\n asm_sysvec_call_function_single+0x16/0x20\n RIP: 0010:_raw_spin_unlock_irq+0x14/0x30\n RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247\n RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800\n RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c\n RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000\n R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538\n R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c\n cm_process_send_error+0x122/0x1d0 [ib_cm]\n timeout_sends+0x1dd/0x270 [ib_core]\n process_one_work+0x1e2/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n worker_thread+0x50/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n </TASK>\n\nSimplified timeout handler by creating local list of timed out WRs\nand invoke send handler post creating the list. The new method acquires/\nreleases lock once to fetch the list and hence helps to reduce locking\ncontetiong when processing higher no. of WRs", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50095", url: "https://www.suse.com/security/cve/CVE-2024-50095", }, { category: "external", summary: "SUSE Bug 1232873 for CVE-2024-50095", url: "https://bugzilla.suse.com/1232873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50095", }, { cve: "CVE-2024-50096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50096", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error\n\nThe `nouveau_dmem_copy_one` function ensures that the copy push command is\nsent to the device firmware but does not track whether it was executed\nsuccessfully.\n\nIn the case of a copy error (e.g., firmware or hardware failure), the\ncopy push command will be sent via the firmware channel, and\n`nouveau_dmem_copy_one` will likely report success, leading to the\n`migrate_to_ram` function returning a dirty HIGH_USER page to the user.\n\nThis can result in a security vulnerability, as a HIGH_USER page that may\ncontain sensitive or corrupted data could be returned to the user.\n\nTo prevent this vulnerability, we allocate a zero page. Thus, in case of\nan error, a non-dirty (zero) page will be returned to the user.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50096", url: "https://www.suse.com/security/cve/CVE-2024-50096", }, { category: "external", summary: "SUSE Bug 1232870 for CVE-2024-50096", url: "https://bugzilla.suse.com/1232870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50096", }, { cve: "CVE-2024-50097", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50097", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: don't save PTP state if PTP is unsupported\n\nSome platforms (such as i.MX25 and i.MX27) do not support PTP, so on\nthese platforms fec_ptp_init() is not called and the related members\nin fep are not initialized. However, fec_ptp_save_state() is called\nunconditionally, which causes the kernel to panic. Therefore, add a\ncondition so that fec_ptp_save_state() is not called if PTP is not\nsupported.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50097", url: "https://www.suse.com/security/cve/CVE-2024-50097", }, { category: "external", summary: "SUSE Bug 1232871 for CVE-2024-50097", url: "https://bugzilla.suse.com/1232871", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50097", }, { cve: "CVE-2024-50098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50098", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down\n\nThere is a history of deadlock if reboot is performed at the beginning\nof booting. SDEV_QUIESCE was set for all LU's scsi_devices by UFS\nshutdown, and at that time the audio driver was waiting on\nblk_mq_submit_bio() holding a mutex_lock while reading the fw binary.\nAfter that, a deadlock issue occurred while audio driver shutdown was\nwaiting for mutex_unlock of blk_mq_submit_bio(). To solve this, set\nSDEV_OFFLINE for all LUs except WLUN, so that any I/O that comes down\nafter a UFS shutdown will return an error.\n\n[ 31.907781]I[0: swapper/0: 0] 1 130705007 1651079834 11289729804 0 D( 2) 3 ffffff882e208000 * init [device_shutdown]\n[ 31.907793]I[0: swapper/0: 0] Mutex: 0xffffff8849a2b8b0: owner[0xffffff882e28cb00 kworker/6:0 :49]\n[ 31.907806]I[0: swapper/0: 0] Call trace:\n[ 31.907810]I[0: swapper/0: 0] __switch_to+0x174/0x338\n[ 31.907819]I[0: swapper/0: 0] __schedule+0x5ec/0x9cc\n[ 31.907826]I[0: swapper/0: 0] schedule+0x7c/0xe8\n[ 31.907834]I[0: swapper/0: 0] schedule_preempt_disabled+0x24/0x40\n[ 31.907842]I[0: swapper/0: 0] __mutex_lock+0x408/0xdac\n[ 31.907849]I[0: swapper/0: 0] __mutex_lock_slowpath+0x14/0x24\n[ 31.907858]I[0: swapper/0: 0] mutex_lock+0x40/0xec\n[ 31.907866]I[0: swapper/0: 0] device_shutdown+0x108/0x280\n[ 31.907875]I[0: swapper/0: 0] kernel_restart+0x4c/0x11c\n[ 31.907883]I[0: swapper/0: 0] __arm64_sys_reboot+0x15c/0x280\n[ 31.907890]I[0: swapper/0: 0] invoke_syscall+0x70/0x158\n[ 31.907899]I[0: swapper/0: 0] el0_svc_common+0xb4/0xf4\n[ 31.907909]I[0: swapper/0: 0] do_el0_svc+0x2c/0xb0\n[ 31.907918]I[0: swapper/0: 0] el0_svc+0x34/0xe0\n[ 31.907928]I[0: swapper/0: 0] el0t_64_sync_handler+0x68/0xb4\n[ 31.907937]I[0: swapper/0: 0] el0t_64_sync+0x1a0/0x1a4\n\n[ 31.908774]I[0: swapper/0: 0] 49 0 11960702 11236868007 0 D( 2) 6 ffffff882e28cb00 * kworker/6:0 [__bio_queue_enter]\n[ 31.908783]I[0: swapper/0: 0] Call trace:\n[ 31.908788]I[0: swapper/0: 0] __switch_to+0x174/0x338\n[ 31.908796]I[0: swapper/0: 0] __schedule+0x5ec/0x9cc\n[ 31.908803]I[0: swapper/0: 0] schedule+0x7c/0xe8\n[ 31.908811]I[0: swapper/0: 0] __bio_queue_enter+0xb8/0x178\n[ 31.908818]I[0: swapper/0: 0] blk_mq_submit_bio+0x194/0x67c\n[ 31.908827]I[0: swapper/0: 0] __submit_bio+0xb8/0x19c", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50098", url: "https://www.suse.com/security/cve/CVE-2024-50098", }, { category: "external", summary: "SUSE Bug 1232881 for CVE-2024-50098", url: "https://bugzilla.suse.com/1232881", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50098", }, { cve: "CVE-2024-50099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50099", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Remove broken LDR (literal) uprobe support\n\nThe simulate_ldr_literal() and simulate_ldrsw_literal() functions are\nunsafe to use for uprobes. Both functions were originally written for\nuse with kprobes, and access memory with plain C accesses. When uprobes\nwas added, these were reused unmodified even though they cannot safely\naccess user memory.\n\nThere are three key problems:\n\n1) The plain C accesses do not have corresponding extable entries, and\n thus if they encounter a fault the kernel will treat these as\n unintentional accesses to user memory, resulting in a BUG() which\n will kill the kernel thread, and likely lead to further issues (e.g.\n lockup or panic()).\n\n2) The plain C accesses are subject to HW PAN and SW PAN, and so when\n either is in use, any attempt to simulate an access to user memory\n will fault. Thus neither simulate_ldr_literal() nor\n simulate_ldrsw_literal() can do anything useful when simulating a\n user instruction on any system with HW PAN or SW PAN.\n\n3) The plain C accesses are privileged, as they run in kernel context,\n and in practice can access a small range of kernel virtual addresses.\n The instructions they simulate have a range of +/-1MiB, and since the\n simulated instructions must itself be a user instructions in the\n TTBR0 address range, these can address the final 1MiB of the TTBR1\n acddress range by wrapping downwards from an address in the first\n 1MiB of the TTBR0 address range.\n\n In contemporary kernels the last 8MiB of TTBR1 address range is\n reserved, and accesses to this will always fault, meaning this is no\n worse than (1).\n\n Historically, it was theoretically possible for the linear map or\n vmemmap to spill into the final 8MiB of the TTBR1 address range, but\n in practice this is extremely unlikely to occur as this would\n require either:\n\n * Having enough physical memory to fill the entire linear map all the\n way to the final 1MiB of the TTBR1 address range.\n\n * Getting unlucky with KASLR randomization of the linear map such\n that the populated region happens to overlap with the last 1MiB of\n the TTBR address range.\n\n ... and in either case if we were to spill into the final page there\n would be larger problems as the final page would alias with error\n pointers.\n\nPractically speaking, (1) and (2) are the big issues. Given there have\nbeen no reports of problems since the broken code was introduced, it\nappears that no-one is relying on probing these instructions with\nuprobes.\n\nAvoid these issues by not allowing uprobes on LDR (literal) and LDRSW\n(literal), limiting the use of simulate_ldr_literal() and\nsimulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR\n(literal) and LDRSW (literal) will be rejected as\narm_probe_decode_insn() will return INSN_REJECTED. In future we can\nconsider introducing working uprobes support for these instructions, but\nthis will require more significant work.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50099", url: "https://www.suse.com/security/cve/CVE-2024-50099", }, { category: "external", summary: "SUSE Bug 1232887 for CVE-2024-50099", url: "https://bugzilla.suse.com/1232887", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50099", }, { cve: "CVE-2024-50100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50100", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: dummy-hcd: Fix \"task hung\" problem\n\nThe syzbot fuzzer has been encountering \"task hung\" problems ever\nsince the dummy-hcd driver was changed to use hrtimers instead of\nregular timers. It turns out that the problems are caused by a subtle\ndifference between the timer_pending() and hrtimer_active() APIs.\n\nThe changeover blindly replaced the first by the second. However,\ntimer_pending() returns True when the timer is queued but not when its\ncallback is running, whereas hrtimer_active() returns True when the\nhrtimer is queued _or_ its callback is running. This difference\noccasionally caused dummy_urb_enqueue() to think that the callback\nroutine had not yet started when in fact it was almost finished. As a\nresult the hrtimer was not restarted, which made it impossible for the\ndriver to dequeue later the URB that was just enqueued. This caused\nusb_kill_urb() to hang, and things got worse from there.\n\nSince hrtimers have no API for telling when they are queued and the\ncallback isn't running, the driver must keep track of this for itself.\nThat's what this patch does, adding a new \"timer_pending\" flag and\nsetting or clearing it at the appropriate times.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50100", url: "https://www.suse.com/security/cve/CVE-2024-50100", }, { category: "external", summary: "SUSE Bug 1232876 for CVE-2024-50100", url: "https://bugzilla.suse.com/1232876", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50100", }, { cve: "CVE-2024-50101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50101", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices\n\nPreviously, the domain_context_clear() function incorrectly called\npci_for_each_dma_alias() to set up context entries for non-PCI devices.\nThis could lead to kernel hangs or other unexpected behavior.\n\nAdd a check to only call pci_for_each_dma_alias() for PCI devices. For\nnon-PCI devices, domain_context_clear_one() is called directly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50101", url: "https://www.suse.com/security/cve/CVE-2024-50101", }, { category: "external", summary: "SUSE Bug 1232869 for CVE-2024-50101", url: "https://bugzilla.suse.com/1232869", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50101", }, { cve: "CVE-2024-50102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50102", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86: fix user address masking non-canonical speculation issue\n\nIt turns out that AMD has a \"Meltdown Lite(tm)\" issue with non-canonical\naccesses in kernel space. And so using just the high bit to decide\nwhether an access is in user space or kernel space ends up with the good\nold \"leak speculative data\" if you have the right gadget using the\nresult:\n\n CVE-2020-12965 \"Transient Execution of Non-Canonical Accesses\"\n\nNow, the kernel surrounds the access with a STAC/CLAC pair, and those\ninstructions end up serializing execution on older Zen architectures,\nwhich closes the speculation window.\n\nBut that was true only up until Zen 5, which renames the AC bit [1].\nThat improves performance of STAC/CLAC a lot, but also means that the\nspeculation window is now open.\n\nNote that this affects not just the new address masking, but also the\nregular valid_user_address() check used by access_ok(), and the asm\nversion of the sign bit check in the get_user() helpers.\n\nIt does not affect put_user() or clear_user() variants, since there's no\nspeculative result to be used in a gadget for those operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50102", url: "https://www.suse.com/security/cve/CVE-2024-50102", }, { category: "external", summary: "SUSE Bug 1232880 for CVE-2024-50102", url: "https://bugzilla.suse.com/1232880", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50102", }, { cve: "CVE-2024-50103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50103", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe()\n\nA devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could\npossibly return NULL pointer. NULL Pointer Dereference may be\ntriggerred without addtional check.\nAdd a NULL check for the returned pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50103", url: "https://www.suse.com/security/cve/CVE-2024-50103", }, { category: "external", summary: "SUSE Bug 1232878 for CVE-2024-50103", url: "https://bugzilla.suse.com/1232878", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50103", }, { cve: "CVE-2024-50104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50104", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: sdm845: add missing soundwire runtime stream alloc\n\nDuring the migration of Soundwire runtime stream allocation from\nthe Qualcomm Soundwire controller to SoC's soundcard drivers the sdm845\nsoundcard was forgotten.\n\nAt this point any playback attempt or audio daemon startup, for instance\non sdm845-db845c (Qualcomm RB3 board), will result in stream pointer\nNULL dereference:\n\n Unable to handle kernel NULL pointer dereference at virtual\n address 0000000000000020\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=0000000101ecf000\n [0000000000000020] pgd=0000000000000000, p4d=0000000000000000\n Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n Modules linked in: ...\n CPU: 5 UID: 0 PID: 1198 Comm: aplay\n Not tainted 6.12.0-rc2-qcomlt-arm64-00059-g9d78f315a362-dirty #18\n Hardware name: Thundercomm Dragonboard 845c (DT)\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : sdw_stream_add_slave+0x44/0x380 [soundwire_bus]\n lr : sdw_stream_add_slave+0x44/0x380 [soundwire_bus]\n sp : ffff80008a2035c0\n x29: ffff80008a2035c0 x28: ffff80008a203978 x27: 0000000000000000\n x26: 00000000000000c0 x25: 0000000000000000 x24: ffff1676025f4800\n x23: ffff167600ff1cb8 x22: ffff167600ff1c98 x21: 0000000000000003\n x20: ffff167607316000 x19: ffff167604e64e80 x18: 0000000000000000\n x17: 0000000000000000 x16: ffffcec265074160 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffff167600ff1cec\n x5 : ffffcec22cfa2010 x4 : 0000000000000000 x3 : 0000000000000003\n x2 : ffff167613f836c0 x1 : 0000000000000000 x0 : ffff16761feb60b8\n Call trace:\n sdw_stream_add_slave+0x44/0x380 [soundwire_bus]\n wsa881x_hw_params+0x68/0x80 [snd_soc_wsa881x]\n snd_soc_dai_hw_params+0x3c/0xa4\n __soc_pcm_hw_params+0x230/0x660\n dpcm_be_dai_hw_params+0x1d0/0x3f8\n dpcm_fe_dai_hw_params+0x98/0x268\n snd_pcm_hw_params+0x124/0x460\n snd_pcm_common_ioctl+0x998/0x16e8\n snd_pcm_ioctl+0x34/0x58\n __arm64_sys_ioctl+0xac/0xf8\n invoke_syscall+0x48/0x104\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xe0\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\n Code: aa0403fb f9418400 9100e000 9400102f (f8420f22)\n ---[ end trace 0000000000000000 ]---\n\n0000000000006108 <sdw_stream_add_slave>:\n 6108: d503233f paciasp\n 610c: a9b97bfd stp x29, x30, [sp, #-112]!\n 6110: 910003fd mov x29, sp\n 6114: a90153f3 stp x19, x20, [sp, #16]\n 6118: a9025bf5 stp x21, x22, [sp, #32]\n 611c: aa0103f6 mov x22, x1\n 6120: 2a0303f5 mov w21, w3\n 6124: a90363f7 stp x23, x24, [sp, #48]\n 6128: aa0003f8 mov x24, x0\n 612c: aa0203f7 mov x23, x2\n 6130: a9046bf9 stp x25, x26, [sp, #64]\n 6134: aa0403f9 mov x25, x4 <-- x4 copied to x25\n 6138: a90573fb stp x27, x28, [sp, #80]\n 613c: aa0403fb mov x27, x4\n 6140: f9418400 ldr x0, [x0, #776]\n 6144: 9100e000 add x0, x0, #0x38\n 6148: 94000000 bl 0 <mutex_lock>\n 614c: f8420f22 ldr x2, [x25, #32]! <-- offset 0x44\n ^^^\nThis is 0x6108 + offset 0x44 from the beginning of sdw_stream_add_slave()\nwhere data abort happens.\nwsa881x_hw_params() is called with stream = NULL and passes it further\nin register x4 (5th argu\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50104", url: "https://www.suse.com/security/cve/CVE-2024-50104", }, { category: "external", summary: "SUSE Bug 1232868 for CVE-2024-50104", url: "https://bugzilla.suse.com/1232868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50104", }, { cve: "CVE-2024-50105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50105", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc\n\nCommit 15c7fab0e047 (\"ASoC: qcom: Move Soundwire runtime stream alloc to\nsoundcards\") moved the allocation of Soundwire stream runtime from the\nQualcomm Soundwire driver to each individual machine sound card driver,\nexcept that it forgot to update SC7280 card.\n\nJust like for other Qualcomm sound cards using Soundwire, the card\ndriver should allocate and release the runtime. Otherwise sound\nplayback will result in a NULL pointer dereference or other effect of\nuninitialized memory accesses (which was confirmed on SDM845 having\nsimilar issue).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50105", url: "https://www.suse.com/security/cve/CVE-2024-50105", }, { category: "external", summary: "SUSE Bug 1232879 for CVE-2024-50105", url: "https://bugzilla.suse.com/1232879", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50105", }, { cve: "CVE-2024-50106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50106", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn't empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that's based on adding 2 new additional\nstid's sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn't finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50106", url: "https://www.suse.com/security/cve/CVE-2024-50106", }, { category: "external", summary: "SUSE Bug 1232882 for CVE-2024-50106", url: "https://bugzilla.suse.com/1232882", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50106", }, { cve: "CVE-2024-50107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50107", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses\n\nCommit 50c6dbdfd16e (\"x86/ioremap: Improve iounmap() address range checks\")\nintroduces a WARN when adrress ranges of iounmap are invalid. On Thinkpad\nP1 Gen 7 (Meteor Lake-P) this caused the following warning to appear:\n\nWARNING: CPU: 7 PID: 713 at arch/x86/mm/ioremap.c:461 iounmap+0x58/0x1f0\nModules linked in: rfkill(+) snd_timer(+) fjes(+) snd soundcore intel_pmc_core(+)\nint3403_thermal(+) int340x_thermal_zone intel_vsec pmt_telemetry acpi_pad pmt_class\nacpi_tad int3400_thermal acpi_thermal_rel joydev loop nfnetlink zram xe drm_suballoc_helper\nnouveau i915 mxm_wmi drm_ttm_helper gpu_sched drm_gpuvm drm_exec drm_buddy i2c_algo_bit\ncrct10dif_pclmul crc32_pclmul ttm crc32c_intel polyval_clmulni rtsx_pci_sdmmc ucsi_acpi\npolyval_generic mmc_core hid_multitouch drm_display_helper ghash_clmulni_intel typec_ucsi\nnvme sha512_ssse3 video sha256_ssse3 nvme_core intel_vpu sha1_ssse3 rtsx_pci cec typec\nnvme_auth i2c_hid_acpi i2c_hid wmi pinctrl_meteorlake serio_raw ip6_tables ip_tables fuse\nCPU: 7 UID: 0 PID: 713 Comm: (udev-worker) Not tainted 6.12.0-rc2iounmap+ #42\nHardware name: LENOVO 21KWCTO1WW/21KWCTO1WW, BIOS N48ET19W (1.06 ) 07/18/2024\nRIP: 0010:iounmap+0x58/0x1f0\nCode: 85 6a 01 00 00 48 8b 05 e6 e2 28 04 48 39 c5 72 19 eb 26 cc cc cc 48 ba 00 00 00 00 00 00 32 00 48 8d 44 02 ff 48 39 c5 72 23 <0f> 0b 48 83 c4 08 5b 5d 41 5c c3 cc cc cc cc 48 ba 00 00 00 00 00\nRSP: 0018:ffff888131eff038 EFLAGS: 00010207\nRAX: ffffc90000000000 RBX: 0000000000000000 RCX: ffff888e33b80000\nRDX: dffffc0000000000 RSI: ffff888e33bc29c0 RDI: 0000000000000000\nRBP: 0000000000000000 R08: ffff8881598a8000 R09: ffff888e2ccedc10\nR10: 0000000000000003 R11: ffffffffb3367634 R12: 00000000fe000000\nR13: ffff888101d0da28 R14: ffffffffc2e437e0 R15: ffff888110b03b28\nFS: 00007f3c1d4b3980(0000) GS:ffff888e33b80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005651cfc93578 CR3: 0000000124e4c002 CR4: 0000000000f70ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n<TASK>\n? __warn.cold+0xb6/0x176\n? iounmap+0x58/0x1f0\n? report_bug+0x1f4/0x2b0\n? handle_bug+0x58/0x90\n? exc_invalid_op+0x17/0x40\n? asm_exc_invalid_op+0x1a/0x20\n? iounmap+0x58/0x1f0\npmc_core_ssram_get_pmc+0x477/0x6c0 [intel_pmc_core]\n? __pfx_pmc_core_ssram_get_pmc+0x10/0x10 [intel_pmc_core]\n? __pfx_do_pci_enable_device+0x10/0x10\n? pci_wait_for_pending+0x60/0x110\n? pci_enable_device_flags+0x1e3/0x2e0\n? __pfx_mtl_core_init+0x10/0x10 [intel_pmc_core]\npmc_core_ssram_init+0x7f/0x110 [intel_pmc_core]\nmtl_core_init+0xda/0x130 [intel_pmc_core]\n? __mutex_init+0xb9/0x130\npmc_core_probe+0x27e/0x10b0 [intel_pmc_core]\n? _raw_spin_lock_irqsave+0x96/0xf0\n? __pfx_pmc_core_probe+0x10/0x10 [intel_pmc_core]\n? __pfx_mutex_unlock+0x10/0x10\n? __pfx_mutex_lock+0x10/0x10\n? device_pm_check_callbacks+0x82/0x370\n? acpi_dev_pm_attach+0x234/0x2b0\nplatform_probe+0x9f/0x150\nreally_probe+0x1e0/0x8a0\n__driver_probe_device+0x18c/0x370\n? __pfx___driver_attach+0x10/0x10\ndriver_probe_device+0x4a/0x120\n__driver_attach+0x190/0x4a0\n? __pfx___driver_attach+0x10/0x10\nbus_for_each_dev+0x103/0x180\n? __pfx_bus_for_each_dev+0x10/0x10\n? klist_add_tail+0x136/0x270\nbus_add_driver+0x2fc/0x540\ndriver_register+0x1a5/0x360\n? __pfx_pmc_core_driver_init+0x10/0x10 [intel_pmc_core]\ndo_one_initcall+0xa4/0x380\n? __pfx_do_one_initcall+0x10/0x10\n? kasan_unpoison+0x44/0x70\ndo_init_module+0x296/0x800\nload_module+0x5090/0x6ce0\n? __pfx_load_module+0x10/0x10\n? ima_post_read_file+0x193/0x200\n? __pfx_ima_post_read_file+0x10/0x10\n? rw_verify_area+0x152/0x4c0\n? kernel_read_file+0x257/0x750\n? __pfx_kernel_read_file+0x10/0x10\n? __pfx_filemap_get_read_batch+0x10/0x10\n? init_module_from_file+0xd1/0x130\ninit_module_from_file+0xd1/0x130\n? __pfx_init_module_from_file+0x10/0\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50107", url: "https://www.suse.com/security/cve/CVE-2024-50107", }, { category: "external", summary: "SUSE Bug 1232883 for CVE-2024-50107", url: "https://bugzilla.suse.com/1232883", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50107", }, { cve: "CVE-2024-50108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50108", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Disable PSR-SU on Parade 08-01 TCON too\n\nStuart Hayhurst has found that both at bootup and fullscreen VA-API video\nis leading to black screens for around 1 second and kernel WARNING [1] traces\nwhen calling dmub_psr_enable() with Parade 08-01 TCON.\n\nThese symptoms all go away with PSR-SU disabled for this TCON, so disable\nit for now while DMUB traces [2] from the failure can be analyzed and the failure\nstate properly root caused.\n\n(cherry picked from commit afb634a6823d8d9db23c5fb04f79c5549349628b)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50108", url: "https://www.suse.com/security/cve/CVE-2024-50108", }, { category: "external", summary: "SUSE Bug 1232884 for CVE-2024-50108", url: "https://bugzilla.suse.com/1232884", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50108", }, { cve: "CVE-2024-50109", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50109", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix null ptr dereference in raid10_size()\n\nIn raid10_run() if raid10_set_queue_limits() succeed, the return value\nis set to zero, and if following procedures failed raid10_run() will\nreturn zero while mddev->private is still NULL, causing null ptr\ndereference in raid10_size().\n\nFix the problem by only overwrite the return value if\nraid10_set_queue_limits() failed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50109", url: "https://www.suse.com/security/cve/CVE-2024-50109", }, { category: "external", summary: "SUSE Bug 1232886 for CVE-2024-50109", url: "https://bugzilla.suse.com/1232886", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50109", }, { cve: "CVE-2024-50110", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50110", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: fix one more kernel-infoleak in algo dumping\n\nDuring fuzz testing, the following issue was discovered:\n\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x598/0x2a30\n _copy_to_iter+0x598/0x2a30\n __skb_datagram_iter+0x168/0x1060\n skb_copy_datagram_iter+0x5b/0x220\n netlink_recvmsg+0x362/0x1700\n sock_recvmsg+0x2dc/0x390\n __sys_recvfrom+0x381/0x6d0\n __x64_sys_recvfrom+0x130/0x200\n x64_sys_call+0x32c8/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nUninit was stored to memory at:\n copy_to_user_state_extra+0xcc1/0x1e00\n dump_one_state+0x28c/0x5f0\n xfrm_state_walk+0x548/0x11e0\n xfrm_dump_sa+0x1e0/0x840\n netlink_dump+0x943/0x1c40\n __netlink_dump_start+0x746/0xdb0\n xfrm_user_rcv_msg+0x429/0xc00\n netlink_rcv_skb+0x613/0x780\n xfrm_netlink_rcv+0x77/0xc0\n netlink_unicast+0xe90/0x1280\n netlink_sendmsg+0x126d/0x1490\n __sock_sendmsg+0x332/0x3d0\n ____sys_sendmsg+0x863/0xc30\n ___sys_sendmsg+0x285/0x3e0\n __x64_sys_sendmsg+0x2d6/0x560\n x64_sys_call+0x1316/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nUninit was created at:\n __kmalloc+0x571/0xd30\n attach_auth+0x106/0x3e0\n xfrm_add_sa+0x2aa0/0x4230\n xfrm_user_rcv_msg+0x832/0xc00\n netlink_rcv_skb+0x613/0x780\n xfrm_netlink_rcv+0x77/0xc0\n netlink_unicast+0xe90/0x1280\n netlink_sendmsg+0x126d/0x1490\n __sock_sendmsg+0x332/0x3d0\n ____sys_sendmsg+0x863/0xc30\n ___sys_sendmsg+0x285/0x3e0\n __x64_sys_sendmsg+0x2d6/0x560\n x64_sys_call+0x1316/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nBytes 328-379 of 732 are uninitialized\nMemory access of size 732 starts at ffff88800e18e000\nData copied to user address 00007ff30f48aff0\n\nCPU: 2 PID: 18167 Comm: syz-executor.0 Not tainted 6.8.11 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n\nFixes copying of xfrm algorithms where some random\ndata of the structure fields can end up in userspace.\nPadding in structures may be filled with random (possibly sensitve)\ndata and should never be given directly to user-space.\n\nA similar issue was resolved in the commit\n8222d5910dae (\"xfrm: Zero padding when dumping algos and encap\")\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50110", url: "https://www.suse.com/security/cve/CVE-2024-50110", }, { category: "external", summary: "SUSE Bug 1232885 for CVE-2024-50110", url: "https://bugzilla.suse.com/1232885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50110", }, { cve: "CVE-2024-50111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50111", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Enable IRQ if do_ale() triggered in irq-enabled context\n\nUnaligned access exception can be triggered in irq-enabled context such\nas user mode, in this case do_ale() may call get_user() which may cause\nsleep. Then we will get:\n\n BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7\n in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe\n preempt_count: 0, expected: 0\n RCU nest depth: 0, expected: 0\n CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G W 6.12.0-rc1+ #1723\n Tainted: [W]=WARN\n Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000\n 9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000\n 9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890\n ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500\n 000000000000020c 000000000000000a 0000000000000000 0000000000000003\n 00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260\n 0000000000000000 0000000000000000 9000000005437650 90000000055d5000\n 0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000\n 0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec\n 00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d\n ...\n Call Trace:\n [<9000000003803964>] show_stack+0x64/0x1a0\n [<9000000004c57464>] dump_stack_lvl+0x74/0xb0\n [<9000000003861ab4>] __might_resched+0x154/0x1a0\n [<900000000380c96c>] emulate_load_store_insn+0x6c/0xf60\n [<9000000004c58118>] do_ale+0x78/0x180\n [<9000000003801bc8>] handle_ale+0x128/0x1e0\n\nSo enable IRQ if unaligned access exception is triggered in irq-enabled\ncontext to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50111", url: "https://www.suse.com/security/cve/CVE-2024-50111", }, { category: "external", summary: "SUSE Bug 1232866 for CVE-2024-50111", url: "https://bugzilla.suse.com/1232866", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50111", }, { cve: "CVE-2024-50112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50112", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/lam: Disable ADDRESS_MASKING in most cases\n\nLinear Address Masking (LAM) has a weakness related to transient\nexecution as described in the SLAM paper[1]. Unless Linear Address\nSpace Separation (LASS) is enabled this weakness may be exploitable.\n\nUntil kernel adds support for LASS[2], only allow LAM for COMPILE_TEST,\nor when speculation mitigations have been disabled at compile time,\notherwise keep LAM disabled.\n\nThere are no processors in market that support LAM yet, so currently\nnobody is affected by this issue.\n\n[1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf\n[2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/\n\n[ dhansen: update SPECULATION_MITIGATIONS -> CPU_MITIGATIONS ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50112", url: "https://www.suse.com/security/cve/CVE-2024-50112", }, { category: "external", summary: "SUSE Bug 1232867 for CVE-2024-50112", url: "https://bugzilla.suse.com/1232867", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50112", }, { cve: "CVE-2024-50113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50113", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: core: fix invalid port index for parent device\n\nIn a commit 24b7f8e5cd65 (\"firewire: core: use helper functions for self\nID sequence\"), the enumeration over self ID sequence was refactored with\nsome helper functions with KUnit tests. These helper functions are\nguaranteed to work expectedly by the KUnit tests, however their application\nincludes a mistake to assign invalid value to the index of port connected\nto parent device.\n\nThis bug affects the case that any extra node devices which has three or\nmore ports are connected to 1394 OHCI controller. In the case, the path\nto update the tree cache could hits WARN_ON(), and gets general protection\nfault due to the access to invalid address computed by the invalid value.\n\nThis commit fixes the bug to assign correct port index.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50113", url: "https://www.suse.com/security/cve/CVE-2024-50113", }, { category: "external", summary: "SUSE Bug 1232891 for CVE-2024-50113", url: "https://bugzilla.suse.com/1232891", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50113", }, { cve: "CVE-2024-50114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50114", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unregister redistributor for failed vCPU creation\n\nAlex reports that syzkaller has managed to trigger a use-after-free when\ntearing down a VM:\n\n BUG: KASAN: slab-use-after-free in kvm_put_kvm+0x300/0xe68 virt/kvm/kvm_main.c:5769\n Read of size 8 at addr ffffff801c6890d0 by task syz.3.2219/10758\n\n CPU: 3 UID: 0 PID: 10758 Comm: syz.3.2219 Not tainted 6.11.0-rc6-dirty #64\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n dump_backtrace+0x17c/0x1a8 arch/arm64/kernel/stacktrace.c:317\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:324\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x94/0xc0 lib/dump_stack.c:119\n print_report+0x144/0x7a4 mm/kasan/report.c:377\n kasan_report+0xcc/0x128 mm/kasan/report.c:601\n __asan_report_load8_noabort+0x20/0x2c mm/kasan/report_generic.c:381\n kvm_put_kvm+0x300/0xe68 virt/kvm/kvm_main.c:5769\n kvm_vm_release+0x4c/0x60 virt/kvm/kvm_main.c:1409\n __fput+0x198/0x71c fs/file_table.c:422\n ____fput+0x20/0x30 fs/file_table.c:450\n task_work_run+0x1cc/0x23c kernel/task_work.c:228\n do_notify_resume+0x144/0x1a0 include/linux/resume_user_mode.h:50\n el0_svc+0x64/0x68 arch/arm64/kernel/entry-common.c:169\n el0t_64_sync_handler+0x90/0xfc arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\n\nUpon closer inspection, it appears that we do not properly tear down the\nMMIO registration for a vCPU that fails creation late in the game, e.g.\na vCPU w/ the same ID already exists in the VM.\n\nIt is important to consider the context of commit that introduced this bug\nby moving the unregistration out of __kvm_vgic_vcpu_destroy(). That\nchange correctly sought to avoid an srcu v. config_lock inversion by\nbreaking up the vCPU teardown into two parts, one guarded by the\nconfig_lock.\n\nFix the use-after-free while avoiding lock inversion by adding a\nspecial-cased unregistration to __kvm_vgic_vcpu_destroy(). This is safe\nbecause failed vCPUs are torn down outside of the config_lock.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50114", url: "https://www.suse.com/security/cve/CVE-2024-50114", }, { category: "external", summary: "SUSE Bug 1232912 for CVE-2024-50114", url: "https://bugzilla.suse.com/1232912", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50114", }, { cve: "CVE-2024-50115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50115", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn't using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM's much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it's only the nSVM flow\nthat is broken.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50115", url: "https://www.suse.com/security/cve/CVE-2024-50115", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-50115", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232919 for CVE-2024-50115", url: "https://bugzilla.suse.com/1232919", }, { category: "external", summary: "SUSE Bug 1233019 for CVE-2024-50115", url: "https://bugzilla.suse.com/1233019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50115", }, { cve: "CVE-2024-50116", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50116", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix kernel bug due to missing clearing of buffer delay flag\n\nSyzbot reported that after nilfs2 reads a corrupted file system image\nand degrades to read-only, the BUG_ON check for the buffer delay flag\nin submit_bh_wbc() may fail, causing a kernel bug.\n\nThis is because the buffer delay flag is not cleared when clearing the\nbuffer state flags to discard a page/folio or a buffer head. So, fix\nthis.\n\nThis became necessary when the use of nilfs2's own page clear routine\nwas expanded. This state inconsistency does not occur if the buffer\nis written normally by log writing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50116", url: "https://www.suse.com/security/cve/CVE-2024-50116", }, { category: "external", summary: "SUSE Bug 1232892 for CVE-2024-50116", url: "https://bugzilla.suse.com/1232892", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50116", }, { cve: "CVE-2024-50117", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50117", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Guard against bad data for ATIF ACPI method\n\nIf a BIOS provides bad data in response to an ATIF method call\nthis causes a NULL pointer dereference in the caller.\n\n```\n? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1))\n? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434)\n? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2))\n? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1))\n? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642)\n? exc_page_fault (arch/x86/mm/fault.c:1542)\n? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu\n```\n\nIt has been encountered on at least one system, so guard for it.\n\n(cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50117", url: "https://www.suse.com/security/cve/CVE-2024-50117", }, { category: "external", summary: "SUSE Bug 1232897 for CVE-2024-50117", url: "https://bugzilla.suse.com/1232897", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50117", }, { cve: "CVE-2024-50118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50118", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reject ro->rw reconfiguration if there are hard ro requirements\n\n[BUG]\nSyzbot reports the following crash:\n\n BTRFS info (device loop0 state MCS): disabling free space tree\n BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)\n BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:backup_super_roots fs/btrfs/disk-io.c:1691 [inline]\n RIP: 0010:write_all_supers+0x97a/0x40f0 fs/btrfs/disk-io.c:4041\n Call Trace:\n <TASK>\n btrfs_commit_transaction+0x1eae/0x3740 fs/btrfs/transaction.c:2530\n btrfs_delete_free_space_tree+0x383/0x730 fs/btrfs/free-space-tree.c:1312\n btrfs_start_pre_rw_mount+0xf28/0x1300 fs/btrfs/disk-io.c:3012\n btrfs_remount_rw fs/btrfs/super.c:1309 [inline]\n btrfs_reconfigure+0xae6/0x2d40 fs/btrfs/super.c:1534\n btrfs_reconfigure_for_mount fs/btrfs/super.c:2020 [inline]\n btrfs_get_tree_subvol fs/btrfs/super.c:2079 [inline]\n btrfs_get_tree+0x918/0x1920 fs/btrfs/super.c:2115\n vfs_get_tree+0x90/0x2b0 fs/super.c:1800\n do_new_mount+0x2be/0xb40 fs/namespace.c:3472\n do_mount fs/namespace.c:3812 [inline]\n __do_sys_mount fs/namespace.c:4020 [inline]\n __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3997\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[CAUSE]\nTo support mounting different subvolume with different RO/RW flags for\nthe new mount APIs, btrfs introduced two workaround to support this feature:\n\n- Skip mount option/feature checks if we are mounting a different\n subvolume\n\n- Reconfigure the fs to RW if the initial mount is RO\n\nCombining these two, we can have the following sequence:\n\n- Mount the fs ro,rescue=all,clear_cache,space_cache=v1\n rescue=all will mark the fs as hard read-only, so no v2 cache clearing\n will happen.\n\n- Mount a subvolume rw of the same fs.\n We go into btrfs_get_tree_subvol(), but fc_mount() returns EBUSY\n because our new fc is RW, different from the original fs.\n\n Now we enter btrfs_reconfigure_for_mount(), which switches the RO flag\n first so that we can grab the existing fs_info.\n Then we reconfigure the fs to RW.\n\n- During reconfiguration, option/features check is skipped\n This means we will restart the v2 cache clearing, and convert back to\n v1 cache.\n This will trigger fs writes, and since the original fs has \"rescue=all\"\n option, it skips the csum tree read.\n\n And eventually causing NULL pointer dereference in super block\n writeback.\n\n[FIX]\nFor reconfiguration caused by different subvolume RO/RW flags, ensure we\nalways run btrfs_check_options() to ensure we have proper hard RO\nrequirements met.\n\nIn fact the function btrfs_check_options() doesn't really do many\ncomplex checks, but hard RO requirement and some feature dependency\nchecks, thus there is no special reason not to do the check for mount\nreconfiguration.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50118", url: "https://www.suse.com/security/cve/CVE-2024-50118", }, { category: "external", summary: "SUSE Bug 1232859 for CVE-2024-50118", url: "https://bugzilla.suse.com/1232859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50118", }, { cve: "CVE-2024-50119", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50119", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix warning when destroy 'cifs_io_request_pool'\n\nThere's a issue as follows:\nWARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 free_large_kmalloc+0xac/0xe0\nRIP: 0010:free_large_kmalloc+0xac/0xe0\nCall Trace:\n <TASK>\n ? __warn+0xea/0x330\n mempool_destroy+0x13f/0x1d0\n init_cifs+0xa50/0xff0 [cifs]\n do_one_initcall+0xdc/0x550\n do_init_module+0x22d/0x6b0\n load_module+0x4e96/0x5ff0\n init_module_from_file+0xcd/0x130\n idempotent_init_module+0x330/0x620\n __x64_sys_finit_module+0xb3/0x110\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nObviously, 'cifs_io_request_pool' is not created by mempool_create().\nSo just use mempool_exit() to revert 'cifs_io_request_pool'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50119", url: "https://www.suse.com/security/cve/CVE-2024-50119", }, { category: "external", summary: "SUSE Bug 1232858 for CVE-2024-50119", url: "https://bugzilla.suse.com/1232858", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50119", }, { cve: "CVE-2024-50120", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50120", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Handle kstrdup failures for passwords\n\nIn smb3_reconfigure(), after duplicating ctx->password and\nctx->password2 with kstrdup(), we need to check for allocation\nfailures.\n\nIf ses->password allocation fails, return -ENOMEM.\nIf ses->password2 allocation fails, free ses->password, set it\nto NULL, and return -ENOMEM.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50120", url: "https://www.suse.com/security/cve/CVE-2024-50120", }, { category: "external", summary: "SUSE Bug 1232924 for CVE-2024-50120", url: "https://bugzilla.suse.com/1232924", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50120", }, { cve: "CVE-2024-50121", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50121", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net\n\nIn the normal case, when we excute `echo 0 > /proc/fs/nfsd/threads`, the\nfunction `nfs4_state_destroy_net` in `nfs4_state_shutdown_net` will\nrelease all resources related to the hashed `nfs4_client`. If the\n`nfsd_client_shrinker` is running concurrently, the `expire_client`\nfunction will first unhash this client and then destroy it. This can\nlead to the following warning. Additionally, numerous use-after-free\nerrors may occur as well.\n\nnfsd_client_shrinker echo 0 > /proc/fs/nfsd/threads\n\nexpire_client nfsd_shutdown_net\n unhash_client ...\n nfs4_state_shutdown_net\n /* won't wait shrinker exit */\n /* cancel_work(&nn->nfsd_shrinker_work)\n * nfsd_file for this /* won't destroy unhashed client1 */\n * client1 still alive nfs4_state_destroy_net\n */\n\n nfsd_file_cache_shutdown\n /* trigger warning */\n kmem_cache_destroy(nfsd_file_slab)\n kmem_cache_destroy(nfsd_file_mark_slab)\n /* release nfsd_file and mark */\n __destroy_client\n\n====================================================================\nBUG nfsd_file (Not tainted): Objects remaining in nfsd_file on\n__kmem_cache_shutdown()\n--------------------------------------------------------------------\nCPU: 4 UID: 0 PID: 764 Comm: sh Not tainted 6.12.0-rc3+ #1\n\n dump_stack_lvl+0x53/0x70\n slab_err+0xb0/0xf0\n __kmem_cache_shutdown+0x15c/0x310\n kmem_cache_destroy+0x66/0x160\n nfsd_file_cache_shutdown+0xac/0x210 [nfsd]\n nfsd_destroy_serv+0x251/0x2a0 [nfsd]\n nfsd_svc+0x125/0x1e0 [nfsd]\n write_threads+0x16a/0x2a0 [nfsd]\n nfsctl_transaction_write+0x74/0xa0 [nfsd]\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n====================================================================\nBUG nfsd_file_mark (Tainted: G B W ): Objects remaining\nnfsd_file_mark on __kmem_cache_shutdown()\n--------------------------------------------------------------------\n\n dump_stack_lvl+0x53/0x70\n slab_err+0xb0/0xf0\n __kmem_cache_shutdown+0x15c/0x310\n kmem_cache_destroy+0x66/0x160\n nfsd_file_cache_shutdown+0xc8/0x210 [nfsd]\n nfsd_destroy_serv+0x251/0x2a0 [nfsd]\n nfsd_svc+0x125/0x1e0 [nfsd]\n write_threads+0x16a/0x2a0 [nfsd]\n nfsctl_transaction_write+0x74/0xa0 [nfsd]\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nTo resolve this issue, cancel `nfsd_shrinker_work` using synchronous\nmode in nfs4_state_shutdown_net.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50121", url: "https://www.suse.com/security/cve/CVE-2024-50121", }, { category: "external", summary: "SUSE Bug 1232925 for CVE-2024-50121", url: "https://bugzilla.suse.com/1232925", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50121", }, { cve: "CVE-2024-50122", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50122", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Hold rescan lock while adding devices during host probe\n\nSince adding the PCI power control code, we may end up with a race between\nthe pwrctl platform device rescanning the bus and host controller probe\nfunctions. The latter need to take the rescan lock when adding devices or\nwe may end up in an undefined state having two incompletely added devices\nand hit the following crash when trying to remove the device over sysfs:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Internal error: Oops: 0000000096000004 [#1] SMP\n Call trace:\n __pi_strlen+0x14/0x150\n kernfs_find_ns+0x80/0x13c\n kernfs_remove_by_name_ns+0x54/0xf0\n sysfs_remove_bin_file+0x24/0x34\n pci_remove_resource_files+0x3c/0x84\n pci_remove_sysfs_dev_files+0x28/0x38\n pci_stop_bus_device+0x8c/0xd8\n pci_stop_bus_device+0x40/0xd8\n pci_stop_and_remove_bus_device_locked+0x28/0x48\n remove_store+0x70/0xb0\n dev_attr_store+0x20/0x38\n sysfs_kf_write+0x58/0x78\n kernfs_fop_write_iter+0xe8/0x184\n vfs_write+0x2dc/0x308\n ksys_write+0x7c/0xec", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50122", url: "https://www.suse.com/security/cve/CVE-2024-50122", }, { category: "external", summary: "SUSE Bug 1232930 for CVE-2024-50122", url: "https://bugzilla.suse.com/1232930", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50122", }, { cve: "CVE-2024-50123", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50123", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add the missing BPF_LINK_TYPE invocation for sockmap\n\nThere is an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap\nlink fd. Fix it by adding the missing BPF_LINK_TYPE invocation for\nsockmap link\n\nAlso add comments for bpf_link_type to prevent missing updates in the\nfuture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50123", url: "https://www.suse.com/security/cve/CVE-2024-50123", }, { category: "external", summary: "SUSE Bug 1232857 for CVE-2024-50123", url: "https://bugzilla.suse.com/1232857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50123", }, { cve: "CVE-2024-50124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50124", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix UAF on iso_sock_timeout\n\nconn->sk maybe have been unlinked/freed while waiting for iso_conn_lock\nso this checks if the conn->sk is still valid by checking if it part of\niso_sk_list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50124", url: "https://www.suse.com/security/cve/CVE-2024-50124", }, { category: "external", summary: "SUSE Bug 1232926 for CVE-2024-50124", url: "https://bugzilla.suse.com/1232926", }, { category: "external", summary: "SUSE Bug 1232927 for CVE-2024-50124", url: "https://bugzilla.suse.com/1232927", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50124", }, { cve: "CVE-2024-50125", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50125", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn->sk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn->sk is still valid by checking if it part of\nsco_sk_list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50125", url: "https://www.suse.com/security/cve/CVE-2024-50125", }, { category: "external", summary: "SUSE Bug 1232928 for CVE-2024-50125", url: "https://bugzilla.suse.com/1232928", }, { category: "external", summary: "SUSE Bug 1232929 for CVE-2024-50125", url: "https://bugzilla.suse.com/1232929", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50125", }, { cve: "CVE-2024-50126", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50126", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in 'taprio_dump()' by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50126", url: "https://www.suse.com/security/cve/CVE-2024-50126", }, { category: "external", summary: "SUSE Bug 1232895 for CVE-2024-50126", url: "https://bugzilla.suse.com/1232895", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50126", }, { cve: "CVE-2024-50127", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50127", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix use-after-free in taprio_change()\n\nIn 'taprio_change()', 'admin' pointer may become dangling due to sched\nswitch / removal caused by 'advance_sched()', and critical section\nprotected by 'q->current_entry_lock' is too small to prevent from such\na scenario (which causes use-after-free detected by KASAN). Fix this\nby prefer 'rcu_replace_pointer()' over 'rcu_assign_pointer()' to update\n'admin' immediately before an attempt to schedule freeing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50127", url: "https://www.suse.com/security/cve/CVE-2024-50127", }, { category: "external", summary: "SUSE Bug 1232907 for CVE-2024-50127", url: "https://bugzilla.suse.com/1232907", }, { category: "external", summary: "SUSE Bug 1232908 for CVE-2024-50127", url: "https://bugzilla.suse.com/1232908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50127", }, { cve: "CVE-2024-50128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50128", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: fix global oob in wwan_rtnl_policy\n\nThe variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to\na global out-of-bounds read when parsing the netlink attributes. Exactly\nsame bug cause as the oob fixed in commit b33fb5b801c6 (\"net: qualcomm:\nrmnet: fix global oob in rmnet_policy\").\n\n==================================================================\nBUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:388 [inline]\nBUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x19d7/0x29a0 lib/nlattr.c:603\nRead of size 1 at addr ffffffff8b09cb60 by task syz.1.66276/323862\n\nCPU: 0 PID: 323862 Comm: syz.1.66276 Not tainted 6.1.70 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x177/0x231 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x14f/0x750 mm/kasan/report.c:395\n kasan_report+0x139/0x170 mm/kasan/report.c:495\n validate_nla lib/nlattr.c:388 [inline]\n __nla_validate_parse+0x19d7/0x29a0 lib/nlattr.c:603\n __nla_parse+0x3c/0x50 lib/nlattr.c:700\n nla_parse_nested_deprecated include/net/netlink.h:1269 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3514 [inline]\n rtnl_newlink+0x7bc/0x1fd0 net/core/rtnetlink.c:3623\n rtnetlink_rcv_msg+0x794/0xef0 net/core/rtnetlink.c:6122\n netlink_rcv_skb+0x1de/0x420 net/netlink/af_netlink.c:2508\n netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline]\n netlink_unicast+0x74b/0x8c0 net/netlink/af_netlink.c:1352\n netlink_sendmsg+0x882/0xb90 net/netlink/af_netlink.c:1874\n sock_sendmsg_nosec net/socket.c:716 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x5cc/0x8f0 net/socket.c:2499\n ___sys_sendmsg+0x21c/0x290 net/socket.c:2553\n __sys_sendmsg net/socket.c:2582 [inline]\n __do_sys_sendmsg net/socket.c:2591 [inline]\n __se_sys_sendmsg+0x19e/0x270 net/socket.c:2589\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x45/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f67b19a24ad\nRSP: 002b:00007f67b17febb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f67b1b45f80 RCX: 00007f67b19a24ad\nRDX: 0000000000000000 RSI: 0000000020005e40 RDI: 0000000000000004\nRBP: 00007f67b1a1e01d R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007ffd2513764f R14: 00007ffd251376e0 R15: 00007f67b17fed40\n </TASK>\n\nThe buggy address belongs to the variable:\n wwan_rtnl_policy+0x20/0x40\n\nThe buggy address belongs to the physical page:\npage:ffffea00002c2700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb09c\nflags: 0xfff00000001000(reserved|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000001000 ffffea00002c2708 ffffea00002c2708 0000000000000000\nraw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner info is not present (never set?)\n\nMemory state around the buggy address:\n ffffffff8b09ca00: 05 f9 f9 f9 05 f9 f9 f9 00 01 f9 f9 00 01 f9 f9\n ffffffff8b09ca80: 00 00 00 05 f9 f9 f9 f9 00 00 03 f9 f9 f9 f9 f9\n>ffffffff8b09cb00: 00 00 00 00 05 f9 f9 f9 00 00 00 00 f9 f9 f9 f9\n ^\n ffffffff8b09cb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n==================================================================\n\nAccording to the comment of `nla_parse_nested_deprecated`, use correct size\n`IFLA_WWAN_MAX` here to fix this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50128", url: "https://www.suse.com/security/cve/CVE-2024-50128", }, { category: "external", summary: "SUSE Bug 1232905 for CVE-2024-50128", url: "https://bugzilla.suse.com/1232905", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50128", }, { cve: "CVE-2024-50129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50129", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: pse-pd: Fix out of bound for loop\n\nAdjust the loop limit to prevent out-of-bounds access when iterating over\nPI structures. The loop should not reach the index pcdev->nr_lines since\nwe allocate exactly pcdev->nr_lines number of PI structures. This fix\nensures proper bounds are maintained during iterations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50129", url: "https://www.suse.com/security/cve/CVE-2024-50129", }, { category: "external", summary: "SUSE Bug 1232856 for CVE-2024-50129", url: "https://bugzilla.suse.com/1232856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50129", }, { cve: "CVE-2024-50130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50130", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bpf: must hold reference on net namespace\n\nBUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0\nRead of size 8 at addr ffff8880106fe400 by task repro/72=\nbpf_nf_link_release+0xda/0x1e0\nbpf_link_free+0x139/0x2d0\nbpf_link_release+0x68/0x80\n__fput+0x414/0xb60\n\nEric says:\n It seems that bpf was able to defer the __nf_unregister_net_hook()\n after exit()/close() time.\n Perhaps a netns reference is missing, because the netns has been\n dismantled/freed already.\n bpf_nf_link_attach() does :\n link->net = net;\n But I do not see a reference being taken on net.\n\nAdd such a reference and release it after hook unreg.\nNote that I was unable to get syzbot reproducer to work, so I\ndo not know if this resolves this splat.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50130", url: "https://www.suse.com/security/cve/CVE-2024-50130", }, { category: "external", summary: "SUSE Bug 1232894 for CVE-2024-50130", url: "https://bugzilla.suse.com/1232894", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50130", }, { cve: "CVE-2024-50131", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50131", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Consider the NULL character when validating the event length\n\nstrlen() returns a string length excluding the null byte. If the string\nlength equals to the maximum buffer length, the buffer will have no\nspace for the NULL terminating character.\n\nThis commit checks this condition and returns failure for it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50131", url: "https://www.suse.com/security/cve/CVE-2024-50131", }, { category: "external", summary: "SUSE Bug 1232896 for CVE-2024-50131", url: "https://bugzilla.suse.com/1232896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50131", }, { cve: "CVE-2024-50132", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50132", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/probes: Fix MAX_TRACE_ARGS limit handling\n\nWhen creating a trace_probe we would set nr_args prior to truncating the\narguments to MAX_TRACE_ARGS. However, we would only initialize arguments\nup to the limit.\n\nThis caused invalid memory access when attempting to set up probes with\nmore than 128 fetchargs.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 UID: 0 PID: 1769 Comm: cat Not tainted 6.11.0-rc7+ #8\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014\n RIP: 0010:__set_print_fmt+0x134/0x330\n\nResolve the issue by applying the MAX_TRACE_ARGS limit earlier. Return\nan error when there are too many arguments instead of silently\ntruncating.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50132", url: "https://www.suse.com/security/cve/CVE-2024-50132", }, { category: "external", summary: "SUSE Bug 1232861 for CVE-2024-50132", url: "https://bugzilla.suse.com/1232861", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50132", }, { cve: "CVE-2024-50133", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50133", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Don't crash in stack_top() for tasks without vDSO\n\nNot all tasks have a vDSO mapped, for example kthreads never do. If such\na task ever ends up calling stack_top(), it will derefence the NULL vdso\npointer and crash.\n\nThis can for example happen when using kunit:\n\n\t[<9000000000203874>] stack_top+0x58/0xa8\n\t[<90000000002956cc>] arch_pick_mmap_layout+0x164/0x220\n\t[<90000000003c284c>] kunit_vm_mmap_init+0x108/0x12c\n\t[<90000000003c1fbc>] __kunit_add_resource+0x38/0x8c\n\t[<90000000003c2704>] kunit_vm_mmap+0x88/0xc8\n\t[<9000000000410b14>] usercopy_test_init+0xbc/0x25c\n\t[<90000000003c1db4>] kunit_try_run_case+0x5c/0x184\n\t[<90000000003c3d54>] kunit_generic_run_threadfn_adapter+0x24/0x48\n\t[<900000000022e4bc>] kthread+0xc8/0xd4\n\t[<9000000000200ce8>] ret_from_kernel_thread+0xc/0xa4", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50133", url: "https://www.suse.com/security/cve/CVE-2024-50133", }, { category: "external", summary: "SUSE Bug 1232854 for CVE-2024-50133", url: "https://bugzilla.suse.com/1232854", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50133", }, { cve: "CVE-2024-50134", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50134", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA\n\nReplace the fake VLA at end of the vbva_mouse_pointer_shape shape with\na real VLA to fix a \"memcpy: detected field-spanning write error\" warning:\n\n[ 13.319813] memcpy: detected field-spanning write (size 16896) of single field \"p->data\" at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 (size 4)\n[ 13.319841] WARNING: CPU: 0 PID: 1105 at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 hgsmi_update_pointer_shape+0x192/0x1c0 [vboxvideo]\n[ 13.320038] Call Trace:\n[ 13.320173] hgsmi_update_pointer_shape [vboxvideo]\n[ 13.320184] vbox_cursor_atomic_update [vboxvideo]\n\nNote as mentioned in the added comment it seems the original length\ncalculation for the allocated and send hgsmi buffer is 4 bytes too large.\nChanging this is not the goal of this patch, so this behavior is kept.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50134", url: "https://www.suse.com/security/cve/CVE-2024-50134", }, { category: "external", summary: "SUSE Bug 1232890 for CVE-2024-50134", url: "https://bugzilla.suse.com/1232890", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50134", }, { cve: "CVE-2024-50135", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50135", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-pci: fix race condition between reset and nvme_dev_disable()\n\nnvme_dev_disable() modifies the dev->online_queues field, therefore\nnvme_pci_update_nr_queues() should avoid racing against it, otherwise\nwe could end up passing invalid values to blk_mq_update_nr_hw_queues().\n\n WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347\n pci_irq_get_affinity+0x187/0x210\n Workqueue: nvme-reset-wq nvme_reset_work [nvme]\n RIP: 0010:pci_irq_get_affinity+0x187/0x210\n Call Trace:\n <TASK>\n ? blk_mq_pci_map_queues+0x87/0x3c0\n ? pci_irq_get_affinity+0x187/0x210\n blk_mq_pci_map_queues+0x87/0x3c0\n nvme_pci_map_queues+0x189/0x460 [nvme]\n blk_mq_update_nr_hw_queues+0x2a/0x40\n nvme_reset_work+0x1be/0x2a0 [nvme]\n\nFix the bug by locking the shutdown_lock mutex before using\ndev->online_queues. Give up if nvme_dev_disable() is running or if\nit has been executed already.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50135", url: "https://www.suse.com/security/cve/CVE-2024-50135", }, { category: "external", summary: "SUSE Bug 1232888 for CVE-2024-50135", url: "https://bugzilla.suse.com/1232888", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50135", }, { cve: "CVE-2024-50136", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50136", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Unregister notifier on eswitch init failure\n\nIt otherwise remains registered and a subsequent attempt at eswitch\nenabling might trigger warnings of the sort:\n\n[ 682.589148] ------------[ cut here ]------------\n[ 682.590204] notifier callback eswitch_vport_event [mlx5_core] already registered\n[ 682.590256] WARNING: CPU: 13 PID: 2660 at kernel/notifier.c:31 notifier_chain_register+0x3e/0x90\n[...snipped]\n[ 682.610052] Call Trace:\n[ 682.610369] <TASK>\n[ 682.610663] ? __warn+0x7c/0x110\n[ 682.611050] ? notifier_chain_register+0x3e/0x90\n[ 682.611556] ? report_bug+0x148/0x170\n[ 682.611977] ? handle_bug+0x36/0x70\n[ 682.612384] ? exc_invalid_op+0x13/0x60\n[ 682.612817] ? asm_exc_invalid_op+0x16/0x20\n[ 682.613284] ? notifier_chain_register+0x3e/0x90\n[ 682.613789] atomic_notifier_chain_register+0x25/0x40\n[ 682.614322] mlx5_eswitch_enable_locked+0x1d4/0x3b0 [mlx5_core]\n[ 682.614965] mlx5_eswitch_enable+0xc9/0x100 [mlx5_core]\n[ 682.615551] mlx5_device_enable_sriov+0x25/0x340 [mlx5_core]\n[ 682.616170] mlx5_core_sriov_configure+0x50/0x170 [mlx5_core]\n[ 682.616789] sriov_numvfs_store+0xb0/0x1b0\n[ 682.617248] kernfs_fop_write_iter+0x117/0x1a0\n[ 682.617734] vfs_write+0x231/0x3f0\n[ 682.618138] ksys_write+0x63/0xe0\n[ 682.618536] do_syscall_64+0x4c/0x100\n[ 682.618958] entry_SYSCALL_64_after_hwframe+0x4b/0x53", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50136", url: "https://www.suse.com/security/cve/CVE-2024-50136", }, { category: "external", summary: "SUSE Bug 1232914 for CVE-2024-50136", url: "https://bugzilla.suse.com/1232914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-50136", }, { cve: "CVE-2024-50137", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50137", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nreset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC\n\ndata->asserted will be NULL on JH7110 SoC since commit 82327b127d41\n(\"reset: starfive: Add StarFive JH7110 reset driver\") was added. Add\nthe judgment condition to avoid errors when calling reset_control_status\non JH7110 SoC.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50137", url: "https://www.suse.com/security/cve/CVE-2024-50137", }, { category: "external", summary: "SUSE Bug 1232932 for CVE-2024-50137", url: "https://bugzilla.suse.com/1232932", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50137", }, { cve: "CVE-2024-50138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50138", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Use raw_spinlock_t in ringbuf\n\nThe function __bpf_ringbuf_reserve is invoked from a tracepoint, which\ndisables preemption. Using spinlock_t in this context can lead to a\n\"sleep in atomic\" warning in the RT variant. This issue is illustrated\nin the example below:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 556208, name: test_progs\npreempt_count: 1, expected: 0\nRCU nest depth: 1, expected: 1\nINFO: lockdep is turned off.\nPreemption disabled at:\n[<ffffd33a5c88ea44>] migrate_enable+0xc0/0x39c\nCPU: 7 PID: 556208 Comm: test_progs Tainted: G\nHardware name: Qualcomm SA8775P Ride (DT)\nCall trace:\n dump_backtrace+0xac/0x130\n show_stack+0x1c/0x30\n dump_stack_lvl+0xac/0xe8\n dump_stack+0x18/0x30\n __might_resched+0x3bc/0x4fc\n rt_spin_lock+0x8c/0x1a4\n __bpf_ringbuf_reserve+0xc4/0x254\n bpf_ringbuf_reserve_dynptr+0x5c/0xdc\n bpf_prog_ac3d15160d62622a_test_read_write+0x104/0x238\n trace_call_bpf+0x238/0x774\n perf_call_bpf_enter.isra.0+0x104/0x194\n perf_syscall_enter+0x2f8/0x510\n trace_sys_enter+0x39c/0x564\n syscall_trace_enter+0x220/0x3c0\n do_el0_svc+0x138/0x1dc\n el0_svc+0x54/0x130\n el0t_64_sync_handler+0x134/0x150\n el0t_64_sync+0x17c/0x180\n\nSwitch the spinlock to raw_spinlock_t to avoid this error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50138", url: "https://www.suse.com/security/cve/CVE-2024-50138", }, { category: "external", summary: "SUSE Bug 1232935 for CVE-2024-50138", url: "https://bugzilla.suse.com/1232935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50138", }, { cve: "CVE-2024-50139", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50139", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix shift-out-of-bounds bug\n\nFix a shift-out-of-bounds bug reported by UBSAN when running\nVM with MTE enabled host kernel.\n\nUBSAN: shift-out-of-bounds in arch/arm64/kvm/sys_regs.c:1988:14\nshift exponent 33 is too large for 32-bit type 'int'\nCPU: 26 UID: 0 PID: 7629 Comm: qemu-kvm Not tainted 6.12.0-rc2 #34\nHardware name: IEI NF5280R7/Mitchell MB, BIOS 00.00. 2024-10-12 09:28:54 10/14/2024\nCall trace:\n dump_backtrace+0xa0/0x128\n show_stack+0x20/0x38\n dump_stack_lvl+0x74/0x90\n dump_stack+0x18/0x28\n __ubsan_handle_shift_out_of_bounds+0xf8/0x1e0\n reset_clidr+0x10c/0x1c8\n kvm_reset_sys_regs+0x50/0x1c8\n kvm_reset_vcpu+0xec/0x2b0\n __kvm_vcpu_set_target+0x84/0x158\n kvm_vcpu_set_target+0x138/0x168\n kvm_arch_vcpu_ioctl_vcpu_init+0x40/0x2b0\n kvm_arch_vcpu_ioctl+0x28c/0x4b8\n kvm_vcpu_ioctl+0x4bc/0x7a8\n __arm64_sys_ioctl+0xb4/0x100\n invoke_syscall+0x70/0x100\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x3c/0x158\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x194/0x198", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50139", url: "https://www.suse.com/security/cve/CVE-2024-50139", }, { category: "external", summary: "SUSE Bug 1233062 for CVE-2024-50139", url: "https://bugzilla.suse.com/1233062", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50139", }, { cve: "CVE-2024-50140", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50140", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq->__lock ]\n -> task_tick_mm_cid()\n -> task_work_add()\n -> __kasan_record_aux_stack()\n -> kasan_save_stack()\n -> stack_depot_save_flags()\n -> alloc_pages_mpol_noprof()\n -> __alloc_pages_noprof()\n\t -> get_page_from_freelist()\n\t -> rmqueue()\n\t -> rmqueue_pcplist()\n\t -> __rmqueue_pcplist()\n\t -> rmqueue_bulk()\n\t -> rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can't sleep while holding\nit. IOW, we can't call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50140", url: "https://www.suse.com/security/cve/CVE-2024-50140", }, { category: "external", summary: "SUSE Bug 1233060 for CVE-2024-50140", url: "https://bugzilla.suse.com/1233060", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50140", }, { cve: "CVE-2024-50141", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50141", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context\n\nPRMT needs to find the correct type of block to translate the PA-VA\nmapping for EFI runtime services.\n\nThe issue arises because the PRMT is finding a block of type\nEFI_CONVENTIONAL_MEMORY, which is not appropriate for runtime services\nas described in Section 2.2.2 (Runtime Services) of the UEFI\nSpecification [1]. Since the PRM handler is a type of runtime service,\nthis causes an exception when the PRM handler is called.\n\n [Firmware Bug]: Unable to handle paging request in EFI runtime service\n WARNING: CPU: 22 PID: 4330 at drivers/firmware/efi/runtime-wrappers.c:341\n __efi_queue_work+0x11c/0x170\n Call trace:\n\nLet PRMT find a block with EFI_MEMORY_RUNTIME for PRM handler and PRM\ncontext.\n\nIf no suitable block is found, a warning message will be printed, but\nthe procedure continues to manage the next PRM handler.\n\nHowever, if the PRM handler is actually called without proper allocation,\nit would result in a failure during error handling.\n\nBy using the correct memory types for runtime services, ensure that the\nPRM handler and the context are properly mapped in the virtual address\nspace during runtime, preventing the paging request error.\n\nThe issue is really that only memory that has been remapped for runtime\nby the firmware can be used by the PRM handler, and so the region needs\nto have the EFI_MEMORY_RUNTIME attribute.\n\n[ rjw: Subject and changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50141", url: "https://www.suse.com/security/cve/CVE-2024-50141", }, { category: "external", summary: "SUSE Bug 1233065 for CVE-2024-50141", url: "https://bugzilla.suse.com/1233065", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50141", }, { cve: "CVE-2024-50142", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50142", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA's prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn't put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx->sel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that's how\nprefixlen is going to be used later on.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50142", url: "https://www.suse.com/security/cve/CVE-2024-50142", }, { category: "external", summary: "SUSE Bug 1233028 for CVE-2024-50142", url: "https://bugzilla.suse.com/1233028", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50142", }, { cve: "CVE-2024-50143", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50143", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: fix uninit-value use in udf_get_fileshortad\n\nCheck for overflow when computing alen in udf_current_aext to mitigate\nlater uninit-value use in udf_get_fileshortad KMSAN bug[1].\nAfter applying the patch reproducer did not trigger any issue[2].\n\n[1] https://syzkaller.appspot.com/bug?extid=8901c4560b7ab5c2f9df\n[2] https://syzkaller.appspot.com/x/log.txt?x=10242227980000", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50143", url: "https://www.suse.com/security/cve/CVE-2024-50143", }, { category: "external", summary: "SUSE Bug 1233038 for CVE-2024-50143", url: "https://bugzilla.suse.com/1233038", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50143", }, { cve: "CVE-2024-50144", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50144", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: fix unbalanced rpm put() with fence_fini()\n\nCurrently we can call fence_fini() twice if something goes wrong when\nsending the GuC CT for the tlb request, since we signal the fence and\nreturn an error, leading to the caller also calling fini() on the error\npath in the case of stack version of the flow, which leads to an extra\nrpm put() which might later cause device to enter suspend when it\nshouldn't. It looks like we can just drop the fini() call since the\nfence signaller side will already call this for us.\n\nThere are known mysterious splats with device going to sleep even with\nan rpm ref, and this could be one candidate.\n\nv2 (Matt B):\n - Prefer warning if we detect double fini()\n\n(cherry picked from commit cfcbc0520d5055825f0647ab922b655688605183)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50144", url: "https://www.suse.com/security/cve/CVE-2024-50144", }, { category: "external", summary: "SUSE Bug 1233040 for CVE-2024-50144", url: "https://bugzilla.suse.com/1233040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-50144", }, { cve: "CVE-2024-50145", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50145", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()\n\nbuild_skb() returns NULL in case of a memory allocation failure so handle\nit inside __octep_oq_process_rx() to avoid NULL pointer dereference.\n\n__octep_oq_process_rx() is called during NAPI polling by the driver. If\nskb allocation fails, keep on pulling packets out of the Rx DMA queue: we\nshouldn't break the polling immediately and thus falsely indicate to the\noctep_napi_poll() that the Rx pressure is going down. As there is no\nassociated skb in this case, don't process the packets and don't push them\nup the network stack - they are skipped.\n\nHelper function is implemented to unmmap/flush all the fragment buffers\nused by the dropped packet. 'alloc_failures' counter is incremented to\nmark the skb allocation error in driver statistics.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50145", url: "https://www.suse.com/security/cve/CVE-2024-50145", }, { category: "external", summary: "SUSE Bug 1233044 for CVE-2024-50145", url: "https://bugzilla.suse.com/1233044", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50145", }, { cve: "CVE-2024-50146", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50146", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Don't call cleanup on profile rollback failure\n\nWhen profile rollback fails in mlx5e_netdev_change_profile, the netdev\nprofile var is left set to NULL. Avoid a crash when unloading the driver\nby not calling profile->cleanup in such a case.\n\nThis was encountered while testing, with the original trigger that\nthe wq rescuer thread creation got interrupted (presumably due to\nCtrl+C-ing modprobe), which gets converted to ENOMEM (-12) by\nmlx5e_priv_init, the profile rollback also fails for the same reason\n(signal still active) so the profile is left as NULL, leading to a crash\nlater in _mlx5e_remove.\n\n [ 732.473932] mlx5_core 0000:08:00.1: E-Switch: Unload vfs: mode(OFFLOADS), nvfs(2), necvfs(0), active vports(2)\n [ 734.525513] workqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\n [ 734.557372] mlx5_core 0000:08:00.1: mlx5e_netdev_init_profile:6235:(pid 6086): mlx5e_priv_init failed, err=-12\n [ 734.559187] mlx5_core 0000:08:00.1 eth3: mlx5e_netdev_change_profile: new profile init failed, -12\n [ 734.560153] workqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\n [ 734.589378] mlx5_core 0000:08:00.1: mlx5e_netdev_init_profile:6235:(pid 6086): mlx5e_priv_init failed, err=-12\n [ 734.591136] mlx5_core 0000:08:00.1 eth3: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\n [ 745.537492] BUG: kernel NULL pointer dereference, address: 0000000000000008\n [ 745.538222] #PF: supervisor read access in kernel mode\n<snipped>\n [ 745.551290] Call Trace:\n [ 745.551590] <TASK>\n [ 745.551866] ? __die+0x20/0x60\n [ 745.552218] ? page_fault_oops+0x150/0x400\n [ 745.555307] ? exc_page_fault+0x79/0x240\n [ 745.555729] ? asm_exc_page_fault+0x22/0x30\n [ 745.556166] ? mlx5e_remove+0x6b/0xb0 [mlx5_core]\n [ 745.556698] auxiliary_bus_remove+0x18/0x30\n [ 745.557134] device_release_driver_internal+0x1df/0x240\n [ 745.557654] bus_remove_device+0xd7/0x140\n [ 745.558075] device_del+0x15b/0x3c0\n [ 745.558456] mlx5_rescan_drivers_locked.part.0+0xb1/0x2f0 [mlx5_core]\n [ 745.559112] mlx5_unregister_device+0x34/0x50 [mlx5_core]\n [ 745.559686] mlx5_uninit_one+0x46/0xf0 [mlx5_core]\n [ 745.560203] remove_one+0x4e/0xd0 [mlx5_core]\n [ 745.560694] pci_device_remove+0x39/0xa0\n [ 745.561112] device_release_driver_internal+0x1df/0x240\n [ 745.561631] driver_detach+0x47/0x90\n [ 745.562022] bus_remove_driver+0x84/0x100\n [ 745.562444] pci_unregister_driver+0x3b/0x90\n [ 745.562890] mlx5_cleanup+0xc/0x1b [mlx5_core]\n [ 745.563415] __x64_sys_delete_module+0x14d/0x2f0\n [ 745.563886] ? kmem_cache_free+0x1b0/0x460\n [ 745.564313] ? lockdep_hardirqs_on_prepare+0xe2/0x190\n [ 745.564825] do_syscall_64+0x6d/0x140\n [ 745.565223] entry_SYSCALL_64_after_hwframe+0x4b/0x53\n [ 745.565725] RIP: 0033:0x7f1579b1288b", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50146", url: "https://www.suse.com/security/cve/CVE-2024-50146", }, { category: "external", summary: "SUSE Bug 1233056 for CVE-2024-50146", url: "https://bugzilla.suse.com/1233056", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50146", }, { cve: "CVE-2024-50147", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50147", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix command bitmask initialization\n\nCommand bitmask have a dedicated bit for MANAGE_PAGES command, this bit\nisn't Initialize during command bitmask Initialization, only during\nMANAGE_PAGES.\n\nIn addition, mlx5_cmd_trigger_completions() is trying to trigger\ncompletion for MANAGE_PAGES command as well.\n\nHence, in case health error occurred before any MANAGE_PAGES command\nhave been invoke (for example, during mlx5_enable_hca()),\nmlx5_cmd_trigger_completions() will try to trigger completion for\nMANAGE_PAGES command, which will result in null-ptr-deref error.[1]\n\nFix it by Initialize command bitmask correctly.\n\nWhile at it, re-write the code for better understanding.\n\n[1]\nBUG: KASAN: null-ptr-deref in mlx5_cmd_trigger_completions+0x1db/0x600 [mlx5_core]\nWrite of size 4 at addr 0000000000000214 by task kworker/u96:2/12078\nCPU: 10 PID: 12078 Comm: kworker/u96:2 Not tainted 6.9.0-rc2_for_upstream_debug_2024_04_07_19_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nWorkqueue: mlx5_health0000:08:00.0 mlx5_fw_fatal_reporter_err_work [mlx5_core]\nCall Trace:\n <TASK>\n dump_stack_lvl+0x7e/0xc0\n kasan_report+0xb9/0xf0\n kasan_check_range+0xec/0x190\n mlx5_cmd_trigger_completions+0x1db/0x600 [mlx5_core]\n mlx5_cmd_flush+0x94/0x240 [mlx5_core]\n enter_error_state+0x6c/0xd0 [mlx5_core]\n mlx5_fw_fatal_reporter_err_work+0xf3/0x480 [mlx5_core]\n process_one_work+0x787/0x1490\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? pwq_dec_nr_in_flight+0xda0/0xda0\n ? assign_work+0x168/0x240\n worker_thread+0x586/0xd30\n ? rescuer_thread+0xae0/0xae0\n kthread+0x2df/0x3b0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x70\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50147", url: "https://www.suse.com/security/cve/CVE-2024-50147", }, { category: "external", summary: "SUSE Bug 1233067 for CVE-2024-50147", url: "https://bugzilla.suse.com/1233067", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50147", }, { cve: "CVE-2024-50148", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50148", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere's issue as follows:\n KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W\n RIP: 0010:proto_unregister+0xee/0x400\n Call Trace:\n <TASK>\n __do_sys_delete_module+0x318/0x580\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()'s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock's resource.\nTo solve above issue just return bnep_sock_init()'s return value in\nbnep_exit().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50148", url: "https://www.suse.com/security/cve/CVE-2024-50148", }, { category: "external", summary: "SUSE Bug 1233063 for CVE-2024-50148", url: "https://bugzilla.suse.com/1233063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50148", }, { cve: "CVE-2024-50149", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50149", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Don't free job in TDR\n\nFreeing job in TDR is not safe as TDR can pass the run_job thread\nresulting in UAF. It is only safe for free job to naturally be called by\nthe scheduler. Rather free job in TDR, add to pending list.\n\n(cherry picked from commit ea2f6a77d0c40d97f4a4dc93fee4afe15d94926d)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50149", url: "https://www.suse.com/security/cve/CVE-2024-50149", }, { category: "external", summary: "SUSE Bug 1233034 for CVE-2024-50149", url: "https://bugzilla.suse.com/1233034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50149", }, { cve: "CVE-2024-50150", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50150", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmode should keep reference to parent\n\nThe altmode device release refers to its parent device, but without keeping\na reference to it.\n\nWhen registering the altmode, get a reference to the parent and put it in\nthe release function.\n\nBefore this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues\nlike this:\n\n[ 43.572860] kobject: 'port0.0' (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.573532] kobject: 'port0.1' (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000)\n[ 43.574407] kobject: 'port0' (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.575059] kobject: 'port1.0' (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.575908] kobject: 'port1.1' (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.576908] kobject: 'typec' (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.577769] kobject: 'port1' (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 46.612867] ==================================================================\n[ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129\n[ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48\n[ 46.614538]\n[ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535\n[ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 46.616042] Workqueue: events kobject_delayed_cleanup\n[ 46.616446] Call Trace:\n[ 46.616648] <TASK>\n[ 46.616820] dump_stack_lvl+0x5b/0x7c\n[ 46.617112] ? typec_altmode_release+0x38/0x129\n[ 46.617470] print_report+0x14c/0x49e\n[ 46.617769] ? rcu_read_unlock_sched+0x56/0x69\n[ 46.618117] ? __virt_addr_valid+0x19a/0x1ab\n[ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d\n[ 46.618807] ? typec_altmode_release+0x38/0x129\n[ 46.619161] kasan_report+0x8d/0xb4\n[ 46.619447] ? typec_altmode_release+0x38/0x129\n[ 46.619809] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620185] typec_altmode_release+0x38/0x129\n[ 46.620537] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620907] device_release+0xaf/0xf2\n[ 46.621206] kobject_delayed_cleanup+0x13b/0x17a\n[ 46.621584] process_scheduled_works+0x4f6/0x85f\n[ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10\n[ 46.622353] ? hlock_class+0x31/0x9a\n[ 46.622647] ? lock_acquired+0x361/0x3c3\n[ 46.622956] ? move_linked_works+0x46/0x7d\n[ 46.623277] worker_thread+0x1ce/0x291\n[ 46.623582] ? __kthread_parkme+0xc8/0xdf\n[ 46.623900] ? __pfx_worker_thread+0x10/0x10\n[ 46.624236] kthread+0x17e/0x190\n[ 46.624501] ? kthread+0xfb/0x190\n[ 46.624756] ? __pfx_kthread+0x10/0x10\n[ 46.625015] ret_from_fork+0x20/0x40\n[ 46.625268] ? __pfx_kthread+0x10/0x10\n[ 46.625532] ret_from_fork_asm+0x1a/0x30\n[ 46.625805] </TASK>\n[ 46.625953]\n[ 46.626056] Allocated by task 678:\n[ 46.626287] kasan_save_stack+0x24/0x44\n[ 46.626555] kasan_save_track+0x14/0x2d\n[ 46.626811] __kasan_kmalloc+0x3f/0x4d\n[ 46.627049] __kmalloc_noprof+0x1bf/0x1f0\n[ 46.627362] typec_register_port+0x23/0x491\n[ 46.627698] cros_typec_probe+0x634/0xbb6\n[ 46.628026] platform_probe+0x47/0x8c\n[ 46.628311] really_probe+0x20a/0x47d\n[ 46.628605] device_driver_attach+0x39/0x72\n[ 46.628940] bind_store+0x87/0xd7\n[ 46.629213] kernfs_fop_write_iter+0x1aa/0x218\n[ 46.629574] vfs_write+0x1d6/0x29b\n[ 46.629856] ksys_write+0xcd/0x13b\n[ 46.630128] do_syscall_64+0xd4/0x139\n[ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 46.630820]\n[ 46.630946] Freed by task 48:\n[ 46.631182] kasan_save_stack+0x24/0x44\n[ 46.631493] kasan_save_track+0x14/0x2d\n[ 46.631799] kasan_save_free_info+0x3f/0x4d\n[ 46.632144] __kasan_slab_free+0x37/0x45\n[ 46.632474]\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50150", url: "https://www.suse.com/security/cve/CVE-2024-50150", }, { category: "external", summary: "SUSE Bug 1233051 for CVE-2024-50150", url: "https://bugzilla.suse.com/1233051", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50150", }, { cve: "CVE-2024-50151", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50151", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix OOBs when building SMB2_IOCTL request\n\nWhen using encryption, either enforced by the server or when using\n'seal' mount option, the client will squash all compound request buffers\ndown for encryption into a single iov in smb2_set_next_command().\n\nSMB2_ioctl_init() allocates a small buffer (448 bytes) to hold the\nSMB2_IOCTL request in the first iov, and if the user passes an input\nbuffer that is greater than 328 bytes, smb2_set_next_command() will\nend up writing off the end of @rqst->iov[0].iov_base as shown below:\n\n mount.cifs //srv/share /mnt -o ...,seal\n ln -s $(perl -e \"print('a')for 1..1024\") /mnt/link\n\n BUG: KASAN: slab-out-of-bounds in\n smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n Write of size 4116 at addr ffff8881148fcab8 by task ln/859\n\n CPU: 1 UID: 0 PID: 859 Comm: ln Not tainted 6.12.0-rc3 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n 1.16.3-2.fc40 04/01/2014\n Call Trace:\n <TASK>\n dump_stack_lvl+0x5d/0x80\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n print_report+0x156/0x4d9\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n ? __virt_addr_valid+0x145/0x310\n ? __phys_addr+0x46/0x90\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n kasan_report+0xda/0x110\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n kasan_check_range+0x10f/0x1f0\n __asan_memcpy+0x3c/0x60\n smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n smb2_compound_op+0x238c/0x3840 [cifs]\n ? kasan_save_track+0x14/0x30\n ? kasan_save_free_info+0x3b/0x70\n ? vfs_symlink+0x1a1/0x2c0\n ? do_symlinkat+0x108/0x1c0\n ? __pfx_smb2_compound_op+0x10/0x10 [cifs]\n ? kmem_cache_free+0x118/0x3e0\n ? cifs_get_writable_path+0xeb/0x1a0 [cifs]\n smb2_get_reparse_inode+0x423/0x540 [cifs]\n ? __pfx_smb2_get_reparse_inode+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? __kmalloc_noprof+0x37c/0x480\n ? smb2_create_reparse_symlink+0x257/0x490 [cifs]\n ? smb2_create_reparse_symlink+0x38f/0x490 [cifs]\n smb2_create_reparse_symlink+0x38f/0x490 [cifs]\n ? __pfx_smb2_create_reparse_symlink+0x10/0x10 [cifs]\n ? find_held_lock+0x8a/0xa0\n ? hlock_class+0x32/0xb0\n ? __build_path_from_dentry_optional_prefix+0x19d/0x2e0 [cifs]\n cifs_symlink+0x24f/0x960 [cifs]\n ? __pfx_make_vfsuid+0x10/0x10\n ? __pfx_cifs_symlink+0x10/0x10 [cifs]\n ? make_vfsgid+0x6b/0xc0\n ? generic_permission+0x96/0x2d0\n vfs_symlink+0x1a1/0x2c0\n do_symlinkat+0x108/0x1c0\n ? __pfx_do_symlinkat+0x10/0x10\n ? strncpy_from_user+0xaa/0x160\n __x64_sys_symlinkat+0xb9/0xf0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f08d75c13bb", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50151", url: "https://www.suse.com/security/cve/CVE-2024-50151", }, { category: "external", summary: "SUSE Bug 1233055 for CVE-2024-50151", url: "https://bugzilla.suse.com/1233055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50151", }, { cve: "CVE-2024-50152", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50152", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n'ea is initialized to NULL' -> 'first successful memory allocation for\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\nfor ea' -> 'second memory release for ea resulted in double free'.\n\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\ndouble free problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50152", url: "https://www.suse.com/security/cve/CVE-2024-50152", }, { category: "external", summary: "SUSE Bug 1233033 for CVE-2024-50152", url: "https://bugzilla.suse.com/1233033", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50152", }, { cve: "CVE-2024-50153", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50153", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Fix null-ptr-deref in target_alloc_device()\n\nThere is a null-ptr-deref issue reported by KASAN:\n\nBUG: KASAN: null-ptr-deref in target_alloc_device+0xbc4/0xbe0 [target_core_mod]\n...\n kasan_report+0xb9/0xf0\n target_alloc_device+0xbc4/0xbe0 [target_core_mod]\n core_dev_setup_virtual_lun0+0xef/0x1f0 [target_core_mod]\n target_core_init_configfs+0x205/0x420 [target_core_mod]\n do_one_initcall+0xdd/0x4e0\n...\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nIn target_alloc_device(), if allocing memory for dev queues fails, then\ndev will be freed by dev->transport->free_device(), but dev->transport\nis not initialized at that time, which will lead to a null pointer\nreference problem.\n\nFixing this bug by freeing dev with hba->backend->ops->free_device().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50153", url: "https://www.suse.com/security/cve/CVE-2024-50153", }, { category: "external", summary: "SUSE Bug 1233061 for CVE-2024-50153", url: "https://bugzilla.suse.com/1233061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50153", }, { cve: "CVE-2024-50154", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50154", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req->sk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer->entry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req->sk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req->sk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req->sk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req->sk\n\nLet's not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50154", url: "https://www.suse.com/security/cve/CVE-2024-50154", }, { category: "external", summary: "SUSE Bug 1233070 for CVE-2024-50154", url: "https://bugzilla.suse.com/1233070", }, { category: "external", summary: "SUSE Bug 1233072 for CVE-2024-50154", url: "https://bugzilla.suse.com/1233072", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50154", }, { cve: "CVE-2024-50155", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50155", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: use cond_resched() in nsim_dev_trap_report_work()\n\nI am still seeing many syzbot reports hinting that syzbot\nmight fool nsim_dev_trap_report_work() with hundreds of ports [1]\n\nLets use cond_resched(), and system_unbound_wq\ninstead of implicit system_wq.\n\n[1]\nINFO: task syz-executor:20633 blocked for more than 143 seconds.\n Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:syz-executor state:D stack:25856 pid:20633 tgid:20633 ppid:1 flags:0x00004006\n...\nNMI backtrace for cpu 1\nCPU: 1 UID: 0 PID: 16760 Comm: kworker/1:0 Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events nsim_dev_trap_report_work\n RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:210\nCode: 89 fb e8 23 00 00 00 48 8b 3d 04 fb 9c 0c 48 89 de 5b e9 c3 c7 5d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d7 03 00 65 8b 15 60 f0\nRSP: 0018:ffffc90000a187e8 EFLAGS: 00000246\nRAX: 0000000000000100 RBX: ffffc90000a188e0 RCX: ffff888027d3bc00\nRDX: ffff888027d3bc00 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffff88804a2e6000 R08: ffffffff8a4bc495 R09: ffffffff89da3577\nR10: 0000000000000004 R11: ffffffff8a4bc2b0 R12: dffffc0000000000\nR13: ffff88806573b503 R14: dffffc0000000000 R15: ffff8880663cca00\nFS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fc90a747f98 CR3: 000000000e734000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 000000000000002b DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400\nCall Trace:\n <NMI>\n </NMI>\n <TASK>\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n spin_unlock_bh include/linux/spinlock.h:396 [inline]\n nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]\n nsim_dev_trap_report_work+0x75d/0xaa0 drivers/net/netdevsim/dev.c:850\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50155", url: "https://www.suse.com/security/cve/CVE-2024-50155", }, { category: "external", summary: "SUSE Bug 1233035 for CVE-2024-50155", url: "https://bugzilla.suse.com/1233035", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50155", }, { cve: "CVE-2024-50156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50156", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Avoid NULL dereference in msm_disp_state_print_regs()\n\nIf the allocation in msm_disp_state_dump_regs() failed then\n`block->state` can be NULL. The msm_disp_state_print_regs() function\n_does_ have code to try to handle it with:\n\n if (*reg)\n dump_addr = *reg;\n\n...but since \"dump_addr\" is initialized to NULL the above is actually\na noop. The code then goes on to dereference `dump_addr`.\n\nMake the function print \"Registers not stored\" when it sees a NULL to\nsolve this. Since we're touching the code, fix\nmsm_disp_state_print_regs() not to pointlessly take a double-pointer\nand properly mark the pointer as `const`.\n\nPatchwork: https://patchwork.freedesktop.org/patch/619657/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50156", url: "https://www.suse.com/security/cve/CVE-2024-50156", }, { category: "external", summary: "SUSE Bug 1233073 for CVE-2024-50156", url: "https://bugzilla.suse.com/1233073", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50156", }, { cve: "CVE-2024-50157", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50157", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop\n\nDriver waits indefinitely for the fifo occupancy to go below a threshold\nas soon as the pacing interrupt is received. This can cause soft lockup on\none of the processors, if the rate of DB is very high.\n\nAdd a loop count for FPGA and exit the __wait_for_fifo_occupancy_below_th\nif the loop is taking more time. Pacing will be continuing until the\noccupancy is below the threshold. This is ensured by the checks in\nbnxt_re_pacing_timer_exp and further scheduling the work for pacing based\non the fifo occupancy.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50157", url: "https://www.suse.com/security/cve/CVE-2024-50157", }, { category: "external", summary: "SUSE Bug 1233032 for CVE-2024-50157", url: "https://bugzilla.suse.com/1233032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50157", }, { cve: "CVE-2024-50158", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50158", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix out of bound check\n\nDriver exports pacing stats only on GenP5 and P7 adapters. But while\nparsing the pacing stats, driver has a check for \"rdev->dbr_pacing\". This\ncaused a trace when KASAN is enabled.\n\nBUG: KASAN: slab-out-of-bounds in bnxt_re_get_hw_stats+0x2b6a/0x2e00 [bnxt_re]\nWrite of size 8 at addr ffff8885942a6340 by task modprobe/4809", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50158", url: "https://www.suse.com/security/cve/CVE-2024-50158", }, { category: "external", summary: "SUSE Bug 1233036 for CVE-2024-50158", url: "https://bugzilla.suse.com/1233036", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50158", }, { cve: "CVE-2024-50159", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50159", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()\n\nClang static checker(scan-build) throws below warning:\n | drivers/firmware/arm_scmi/driver.c:line 2915, column 2\n | Attempt to free released memory.\n\nWhen devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup()\nwill run twice which causes double free of 'dbg->name'.\n\nRemove the redundant scmi_debugfs_common_cleanup() to fix this problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50159", url: "https://www.suse.com/security/cve/CVE-2024-50159", }, { category: "external", summary: "SUSE Bug 1233041 for CVE-2024-50159", url: "https://bugzilla.suse.com/1233041", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50159", }, { cve: "CVE-2024-50160", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50160", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/cs8409: Fix possible NULL dereference\n\nIf snd_hda_gen_add_kctl fails to allocate memory and returns NULL, then\nNULL pointer dereference will occur in the next line.\n\nSince dolphin_fixups function is a hda_fixup function which is not supposed\nto return any errors, add simple check before dereference, ignore the fail.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50160", url: "https://www.suse.com/security/cve/CVE-2024-50160", }, { category: "external", summary: "SUSE Bug 1233074 for CVE-2024-50160", url: "https://bugzilla.suse.com/1233074", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50160", }, { cve: "CVE-2024-50161", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50161", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check the remaining info_cnt before repeating btf fields\n\nWhen trying to repeat the btf fields for array of nested struct, it\ndoesn't check the remaining info_cnt. The following splat will be\nreported when the value of ret * nelems is greater than BTF_FIELDS_MAX:\n\n ------------[ cut here ]------------\n UBSAN: array-index-out-of-bounds in ../kernel/bpf/btf.c:3951:49\n index 11 is out of range for type 'btf_field_info [11]'\n CPU: 6 UID: 0 PID: 411 Comm: test_progs ...... 6.11.0-rc4+ #1\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ...\n Call Trace:\n <TASK>\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n ubsan_epilogue+0x9/0x40\n __ubsan_handle_out_of_bounds+0x6f/0x80\n ? kallsyms_lookup_name+0x48/0xb0\n btf_parse_fields+0x992/0xce0\n map_create+0x591/0x770\n __sys_bpf+0x229/0x2410\n __x64_sys_bpf+0x1f/0x30\n x64_sys_call+0x199/0x9f0\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x7fea56f2cc5d\n ......\n </TASK>\n ---[ end trace ]---\n\nFix it by checking the remaining info_cnt in btf_repeat_fields() before\nrepeating the btf fields.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50161", url: "https://www.suse.com/security/cve/CVE-2024-50161", }, { category: "external", summary: "SUSE Bug 1233037 for CVE-2024-50161", url: "https://bugzilla.suse.com/1233037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50161", }, { cve: "CVE-2024-50162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50162", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: devmap: provide rxq after redirect\n\nrxq contains a pointer to the device from where\nthe redirect happened. Currently, the BPF program\nthat was executed after a redirect via BPF_MAP_TYPE_DEVMAP*\ndoes not have it set.\n\nThis is particularly bad since accessing ingress_ifindex, e.g.\n\nSEC(\"xdp\")\nint prog(struct xdp_md *pkt)\n{\n return bpf_redirect_map(&dev_redirect_map, 0, 0);\n}\n\nSEC(\"xdp/devmap\")\nint prog_after_redirect(struct xdp_md *pkt)\n{\n bpf_printk(\"ifindex %i\", pkt->ingress_ifindex);\n return XDP_PASS;\n}\n\ndepends on access to rxq, so a NULL pointer gets dereferenced:\n\n<1>[ 574.475170] BUG: kernel NULL pointer dereference, address: 0000000000000000\n<1>[ 574.475188] #PF: supervisor read access in kernel mode\n<1>[ 574.475194] #PF: error_code(0x0000) - not-present page\n<6>[ 574.475199] PGD 0 P4D 0\n<4>[ 574.475207] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n<4>[ 574.475217] CPU: 4 UID: 0 PID: 217 Comm: kworker/4:1 Not tainted 6.11.0-rc5-reduced-00859-g780801200300 #23\n<4>[ 574.475226] Hardware name: Intel(R) Client Systems NUC13ANHi7/NUC13ANBi7, BIOS ANRPL357.0026.2023.0314.1458 03/14/2023\n<4>[ 574.475231] Workqueue: mld mld_ifc_work\n<4>[ 574.475247] RIP: 0010:bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n<4>[ 574.475257] Code: cc cc cc cc cc cc cc 80 00 00 00 cc cc cc cc cc cc cc cc f3 0f 1e fa 0f 1f 44 00 00 66 90 55 48 89 e5 f3 0f 1e fa 48 8b 57 20 <48> 8b 52 00 8b 92 e0 00 00 00 48 bf f8 a6 d5 c4 5d a0 ff ff be 0b\n<4>[ 574.475263] RSP: 0018:ffffa62440280c98 EFLAGS: 00010206\n<4>[ 574.475269] RAX: ffffa62440280cd8 RBX: 0000000000000001 RCX: 0000000000000000\n<4>[ 574.475274] RDX: 0000000000000000 RSI: ffffa62440549048 RDI: ffffa62440280ce0\n<4>[ 574.475278] RBP: ffffa62440280c98 R08: 0000000000000002 R09: 0000000000000001\n<4>[ 574.475281] R10: ffffa05dc8b98000 R11: ffffa05f577fca40 R12: ffffa05dcab24000\n<4>[ 574.475285] R13: ffffa62440280ce0 R14: ffffa62440549048 R15: ffffa62440549000\n<4>[ 574.475289] FS: 0000000000000000(0000) GS:ffffa05f4f700000(0000) knlGS:0000000000000000\n<4>[ 574.475294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n<4>[ 574.475298] CR2: 0000000000000000 CR3: 000000025522e000 CR4: 0000000000f50ef0\n<4>[ 574.475303] PKRU: 55555554\n<4>[ 574.475306] Call Trace:\n<4>[ 574.475313] <IRQ>\n<4>[ 574.475318] ? __die+0x23/0x70\n<4>[ 574.475329] ? page_fault_oops+0x180/0x4c0\n<4>[ 574.475339] ? skb_pp_cow_data+0x34c/0x490\n<4>[ 574.475346] ? kmem_cache_free+0x257/0x280\n<4>[ 574.475357] ? exc_page_fault+0x67/0x150\n<4>[ 574.475368] ? asm_exc_page_fault+0x26/0x30\n<4>[ 574.475381] ? bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n<4>[ 574.475386] bq_xmit_all+0x158/0x420\n<4>[ 574.475397] __dev_flush+0x30/0x90\n<4>[ 574.475407] veth_poll+0x216/0x250 [veth]\n<4>[ 574.475421] __napi_poll+0x28/0x1c0\n<4>[ 574.475430] net_rx_action+0x32d/0x3a0\n<4>[ 574.475441] handle_softirqs+0xcb/0x2c0\n<4>[ 574.475451] do_softirq+0x40/0x60\n<4>[ 574.475458] </IRQ>\n<4>[ 574.475461] <TASK>\n<4>[ 574.475464] __local_bh_enable_ip+0x66/0x70\n<4>[ 574.475471] __dev_queue_xmit+0x268/0xe40\n<4>[ 574.475480] ? selinux_ip_postroute+0x213/0x420\n<4>[ 574.475491] ? alloc_skb_with_frags+0x4a/0x1d0\n<4>[ 574.475502] ip6_finish_output2+0x2be/0x640\n<4>[ 574.475512] ? nf_hook_slow+0x42/0xf0\n<4>[ 574.475521] ip6_finish_output+0x194/0x300\n<4>[ 574.475529] ? __pfx_ip6_finish_output+0x10/0x10\n<4>[ 574.475538] mld_sendpack+0x17c/0x240\n<4>[ 574.475548] mld_ifc_work+0x192/0x410\n<4>[ 574.475557] process_one_work+0x15d/0x380\n<4>[ 574.475566] worker_thread+0x29d/0x3a0\n<4>[ 574.475573] ? __pfx_worker_thread+0x10/0x10\n<4>[ 574.475580] ? __pfx_worker_thread+0x10/0x10\n<4>[ 574.475587] kthread+0xcd/0x100\n<4>[ 574.475597] ? __pfx_kthread+0x10/0x10\n<4>[ 574.475606] ret_from_fork+0x31/0x50\n<4>[ 574.475615] ? __pfx_kthread+0x10/0x10\n<4>[ 574.475623] ret_from_fork_asm+0x1a/0x\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50162", url: "https://www.suse.com/security/cve/CVE-2024-50162", }, { category: "external", summary: "SUSE Bug 1233075 for CVE-2024-50162", url: "https://bugzilla.suse.com/1233075", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50162", }, { cve: "CVE-2024-50163", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50163", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Make sure internal and UAPI bpf_redirect flags don't overlap\n\nThe bpf_redirect_info is shared between the SKB and XDP redirect paths,\nand the two paths use the same numeric flag values in the ri->flags\nfield (specifically, BPF_F_BROADCAST == BPF_F_NEXTHOP). This means that\nif skb bpf_redirect_neigh() is used with a non-NULL params argument and,\nsubsequently, an XDP redirect is performed using the same\nbpf_redirect_info struct, the XDP path will get confused and end up\ncrashing, which syzbot managed to trigger.\n\nWith the stack-allocated bpf_redirect_info, the structure is no longer\nshared between the SKB and XDP paths, so the crash doesn't happen\nanymore. However, different code paths using identically-numbered flag\nvalues in the same struct field still seems like a bit of a mess, so\nthis patch cleans that up by moving the flag definitions together and\nredefining the three flags in BPF_F_REDIRECT_INTERNAL to not overlap\nwith the flags used for XDP. It also adds a BUILD_BUG_ON() check to make\nsure the overlap is not re-introduced by mistake.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50163", url: "https://www.suse.com/security/cve/CVE-2024-50163", }, { category: "external", summary: "SUSE Bug 1233098 for CVE-2024-50163", url: "https://bugzilla.suse.com/1233098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50163", }, { cve: "CVE-2024-50164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50164", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix overloading of MEM_UNINIT's meaning\n\nLonial reported an issue in the BPF verifier where check_mem_size_reg()\nhas the following code:\n\n if (!tnum_is_const(reg->var_off))\n /* For unprivileged variable accesses, disable raw\n * mode so that the program is required to\n * initialize all the memory that the helper could\n * just partially fill up.\n */\n meta = NULL;\n\nThis means that writes are not checked when the register containing the\nsize of the passed buffer has not a fixed size. Through this bug, a BPF\nprogram can write to a map which is marked as read-only, for example,\n.rodata global maps.\n\nThe problem is that MEM_UNINIT's initial meaning that \"the passed buffer\nto the BPF helper does not need to be initialized\" which was added back\nin commit 435faee1aae9 (\"bpf, verifier: add ARG_PTR_TO_RAW_STACK type\")\ngot overloaded over time with \"the passed buffer is being written to\".\n\nThe problem however is that checks such as the above which were added later\nvia 06c1c049721a (\"bpf: allow helpers access to variable memory\") set meta\nto NULL in order force the user to always initialize the passed buffer to\nthe helper. Due to the current double meaning of MEM_UNINIT, this bypasses\nverifier write checks to the memory (not boundary checks though) and only\nassumes the latter memory is read instead.\n\nFix this by reverting MEM_UNINIT back to its original meaning, and having\nMEM_WRITE as an annotation to BPF helpers in order to then trigger the\nBPF verifier checks for writing to memory.\n\nSome notes: check_arg_pair_ok() ensures that for ARG_CONST_SIZE{,_OR_ZERO}\nwe can access fn->arg_type[arg - 1] since it must contain a preceding\nARG_PTR_TO_MEM. For check_mem_reg() the meta argument can be removed\naltogether since we do check both BPF_READ and BPF_WRITE. Same for the\nequivalent check_kfunc_mem_size_reg().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50164", url: "https://www.suse.com/security/cve/CVE-2024-50164", }, { category: "external", summary: "SUSE Bug 1233099 for CVE-2024-50164", url: "https://bugzilla.suse.com/1233099", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50164", }, { cve: "CVE-2024-50165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50165", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Preserve param->string when parsing mount options\n\nIn bpf_parse_param(), keep the value of param->string intact so it can\nbe freed later. Otherwise, the kmalloc area pointed to by param->string\nwill be leaked as shown below:\n\nunreferenced object 0xffff888118c46d20 (size 8):\n comm \"new_name\", pid 12109, jiffies 4295580214\n hex dump (first 8 bytes):\n 61 6e 79 00 38 c9 5c 7e any.8.\\~\n backtrace (crc e1b7f876):\n [<00000000c6848ac7>] kmemleak_alloc+0x4b/0x80\n [<00000000de9f7d00>] __kmalloc_node_track_caller_noprof+0x36e/0x4a0\n [<000000003e29b886>] memdup_user+0x32/0xa0\n [<0000000007248326>] strndup_user+0x46/0x60\n [<0000000035b3dd29>] __x64_sys_fsconfig+0x368/0x3d0\n [<0000000018657927>] x64_sys_call+0xff/0x9f0\n [<00000000c0cabc95>] do_syscall_64+0x3b/0xc0\n [<000000002f331597>] entry_SYSCALL_64_after_hwframe+0x4b/0x53", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50165", url: "https://www.suse.com/security/cve/CVE-2024-50165", }, { category: "external", summary: "SUSE Bug 1233031 for CVE-2024-50165", url: "https://bugzilla.suse.com/1233031", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50165", }, { cve: "CVE-2024-50166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50166", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfsl/fman: Fix refcount handling of fman-related devices\n\nIn mac_probe() there are multiple calls to of_find_device_by_node(),\nfman_bind() and fman_port_bind() which takes references to of_dev->dev.\nNot all references taken by these calls are released later on error path\nin mac_probe() and in mac_remove() which lead to reference leaks.\n\nAdd references release.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50166", url: "https://www.suse.com/security/cve/CVE-2024-50166", }, { category: "external", summary: "SUSE Bug 1233050 for CVE-2024-50166", url: "https://bugzilla.suse.com/1233050", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50166", }, { cve: "CVE-2024-50167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50167", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: fix potential memory leak in be_xmit()\n\nThe be_xmit() returns NETDEV_TX_OK without freeing skb\nin case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50167", url: "https://www.suse.com/security/cve/CVE-2024-50167", }, { category: "external", summary: "SUSE Bug 1233049 for CVE-2024-50167", url: "https://bugzilla.suse.com/1233049", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50167", }, { cve: "CVE-2024-50168", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50168", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sun3_82586: fix potential memory leak in sun3_82586_send_packet()\n\nThe sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb\nin case of skb->len being too long, add dev_kfree_skb() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50168", url: "https://www.suse.com/security/cve/CVE-2024-50168", }, { category: "external", summary: "SUSE Bug 1233059 for CVE-2024-50168", url: "https://bugzilla.suse.com/1233059", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50168", }, { cve: "CVE-2024-50170", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50170", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmasp: fix potential memory leak in bcmasp_xmit()\n\nThe bcmasp_xmit() returns NETDEV_TX_OK without freeing skb\nin case of mapping fails, add dev_kfree_skb() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50170", url: "https://www.suse.com/security/cve/CVE-2024-50170", }, { category: "external", summary: "SUSE Bug 1233030 for CVE-2024-50170", url: "https://bugzilla.suse.com/1233030", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50170", }, { cve: "CVE-2024-50171", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50171", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: fix potential memory leak in bcm_sysport_xmit()\n\nThe bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb\nin case of dma_map_single() fails, add dev_kfree_skb() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50171", url: "https://www.suse.com/security/cve/CVE-2024-50171", }, { category: "external", summary: "SUSE Bug 1233057 for CVE-2024-50171", url: "https://bugzilla.suse.com/1233057", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50171", }, { cve: "CVE-2024-50172", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50172", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix a possible memory leak\n\nIn bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails\ndriver is not freeing the memory allocated for \"rdev->chip_ctx\".", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50172", url: "https://www.suse.com/security/cve/CVE-2024-50172", }, { category: "external", summary: "SUSE Bug 1233029 for CVE-2024-50172", url: "https://bugzilla.suse.com/1233029", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50172", }, { cve: "CVE-2024-50173", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50173", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup()\n\nThe group variable can't be used to retrieve ptdev in our second loop,\nbecause it points to the previously iterated list_head, not a valid\ngroup. Get the ptdev object from the scheduler instead.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50173", url: "https://www.suse.com/security/cve/CVE-2024-50173", }, { category: "external", summary: "SUSE Bug 1233094 for CVE-2024-50173", url: "https://bugzilla.suse.com/1233094", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50173", }, { cve: "CVE-2024-50174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50174", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix race when converting group handle to group object\n\nXArray provides it's own internal lock which protects the internal array\nwhen entries are being simultaneously added and removed. However there\nis still a race between retrieving the pointer from the XArray and\nincrementing the reference count.\n\nTo avoid this race simply hold the internal XArray lock when\nincrementing the reference count, this ensures there cannot be a racing\ncall to xa_erase().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50174", url: "https://www.suse.com/security/cve/CVE-2024-50174", }, { category: "external", summary: "SUSE Bug 1233093 for CVE-2024-50174", url: "https://bugzilla.suse.com/1233093", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50174", }, { cve: "CVE-2024-50175", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50175", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: qcom: camss: Remove use_count guard in stop_streaming\n\nThe use_count check was introduced so that multiple concurrent Raw Data\nInterfaces RDIs could be driven by different virtual channels VCs on the\nCSIPHY input driving the video pipeline.\n\nThis is an invalid use of use_count though as use_count pertains to the\nnumber of times a video entity has been opened by user-space not the number\nof active streams.\n\nIf use_count and stream-on count don't agree then stop_streaming() will\nbreak as is currently the case and has become apparent when using CAMSS\nwith libcamera's released softisp 0.3.\n\nThe use of use_count like this is a bit hacky and right now breaks regular\nusage of CAMSS for a single stream case. Stopping qcam results in the splat\nbelow, and then it cannot be started again and any attempts to do so fails\nwith -EBUSY.\n\n[ 1265.509831] WARNING: CPU: 5 PID: 919 at drivers/media/common/videobuf2/videobuf2-core.c:2183 __vb2_queue_cancel+0x230/0x2c8 [videobuf2_common]\n...\n[ 1265.510630] Call trace:\n[ 1265.510636] __vb2_queue_cancel+0x230/0x2c8 [videobuf2_common]\n[ 1265.510648] vb2_core_streamoff+0x24/0xcc [videobuf2_common]\n[ 1265.510660] vb2_ioctl_streamoff+0x5c/0xa8 [videobuf2_v4l2]\n[ 1265.510673] v4l_streamoff+0x24/0x30 [videodev]\n[ 1265.510707] __video_do_ioctl+0x190/0x3f4 [videodev]\n[ 1265.510732] video_usercopy+0x304/0x8c4 [videodev]\n[ 1265.510757] video_ioctl2+0x18/0x34 [videodev]\n[ 1265.510782] v4l2_ioctl+0x40/0x60 [videodev]\n...\n[ 1265.510944] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 0 in active state\n[ 1265.511175] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 1 in active state\n[ 1265.511398] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 2 in active st\n\nOne CAMSS specific way to handle multiple VCs on the same RDI might be:\n\n- Reference count each pipeline enable for CSIPHY, CSID, VFE and RDIx.\n- The video buffers are already associated with msm_vfeN_rdiX so\n release video buffers when told to do so by stop_streaming.\n- Only release the power-domains for the CSIPHY, CSID and VFE when\n their internal refcounts drop.\n\nEither way refusing to release video buffers based on use_count is\nerroneous and should be reverted. The silicon enabling code for selecting\nVCs is perfectly fine. Its a \"known missing feature\" that concurrent VCs\nwon't work with CAMSS right now.\n\nInitial testing with this code didn't show an error but, SoftISP and \"real\"\nusage with Google Hangouts breaks the upstream code pretty quickly, we need\nto do a partial revert and take another pass at VCs.\n\nThis commit partially reverts commit 89013969e232 (\"media: camss: sm8250:\nPipeline starting and stopping for multiple virtual channels\")", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50175", url: "https://www.suse.com/security/cve/CVE-2024-50175", }, { category: "external", summary: "SUSE Bug 1233092 for CVE-2024-50175", url: "https://bugzilla.suse.com/1233092", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50175", }, { cve: "CVE-2024-50176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50176", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: k3-r5: Fix error handling when power-up failed\n\nBy simply bailing out, the driver was violating its rule and internal\nassumptions that either both or no rproc should be initialized. E.g.,\nthis could cause the first core to be available but not the second one,\nleading to crashes on its shutdown later on while trying to dereference\nthat second instance.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50176", url: "https://www.suse.com/security/cve/CVE-2024-50176", }, { category: "external", summary: "SUSE Bug 1233091 for CVE-2024-50176", url: "https://bugzilla.suse.com/1233091", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50176", }, { cve: "CVE-2024-50177", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50177", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a UBSAN warning in DML2.1\n\nWhen programming phantom pipe, since cursor_width is explicity set to 0,\nthis causes calculation logic to trigger overflow for an unsigned int\ntriggering the kernel's UBSAN check as below:\n\n[ 40.962845] UBSAN: shift-out-of-bounds in /tmp/amd.EfpumTkO/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:3312:34\n[ 40.962849] shift exponent 4294967170 is too large for 32-bit type 'unsigned int'\n[ 40.962852] CPU: 1 PID: 1670 Comm: gnome-shell Tainted: G W OE 6.5.0-41-generic #41~22.04.2-Ubuntu\n[ 40.962854] Hardware name: Gigabyte Technology Co., Ltd. X670E AORUS PRO X/X670E AORUS PRO X, BIOS F21 01/10/2024\n[ 40.962856] Call Trace:\n[ 40.962857] <TASK>\n[ 40.962860] dump_stack_lvl+0x48/0x70\n[ 40.962870] dump_stack+0x10/0x20\n[ 40.962872] __ubsan_handle_shift_out_of_bounds+0x1ac/0x360\n[ 40.962878] calculate_cursor_req_attributes.cold+0x1b/0x28 [amdgpu]\n[ 40.963099] dml_core_mode_support+0x6b91/0x16bc0 [amdgpu]\n[ 40.963327] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.963331] ? CalculateWatermarksMALLUseAndDRAMSpeedChangeSupport+0x18b8/0x2790 [amdgpu]\n[ 40.963534] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.963536] ? dml_core_mode_support+0xb3db/0x16bc0 [amdgpu]\n[ 40.963730] dml2_core_calcs_mode_support_ex+0x2c/0x90 [amdgpu]\n[ 40.963906] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.963909] ? dml2_core_calcs_mode_support_ex+0x2c/0x90 [amdgpu]\n[ 40.964078] core_dcn4_mode_support+0x72/0xbf0 [amdgpu]\n[ 40.964247] dml2_top_optimization_perform_optimization_phase+0x1d3/0x2a0 [amdgpu]\n[ 40.964420] dml2_build_mode_programming+0x23d/0x750 [amdgpu]\n[ 40.964587] dml21_validate+0x274/0x770 [amdgpu]\n[ 40.964761] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.964763] ? resource_append_dpp_pipes_for_plane_composition+0x27c/0x3b0 [amdgpu]\n[ 40.964942] dml2_validate+0x504/0x750 [amdgpu]\n[ 40.965117] ? dml21_copy+0x95/0xb0 [amdgpu]\n[ 40.965291] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.965295] dcn401_validate_bandwidth+0x4e/0x70 [amdgpu]\n[ 40.965491] update_planes_and_stream_state+0x38d/0x5c0 [amdgpu]\n[ 40.965672] update_planes_and_stream_v3+0x52/0x1e0 [amdgpu]\n[ 40.965845] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.965849] dc_update_planes_and_stream+0x71/0xb0 [amdgpu]\n\nFix this by adding a guard for checking cursor width before triggering\nthe size calculation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50177", url: "https://www.suse.com/security/cve/CVE-2024-50177", }, { category: "external", summary: "SUSE Bug 1233115 for CVE-2024-50177", url: "https://bugzilla.suse.com/1233115", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50177", }, { cve: "CVE-2024-50178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50178", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: loongson3: Use raw_smp_processor_id() in do_service_request()\n\nUse raw_smp_processor_id() instead of plain smp_processor_id() in\ndo_service_request(), otherwise we may get some errors with the driver\nenabled:\n\n BUG: using smp_processor_id() in preemptible [00000000] code: (udev-worker)/208\n caller is loongson3_cpufreq_probe+0x5c/0x250 [loongson3_cpufreq]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50178", url: "https://www.suse.com/security/cve/CVE-2024-50178", }, { category: "external", summary: "SUSE Bug 1233121 for CVE-2024-50178", url: "https://bugzilla.suse.com/1233121", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50178", }, { cve: "CVE-2024-50179", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50179", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: remove the incorrect Fw reference check when dirtying pages\n\nWhen doing the direct-io reads it will also try to mark pages dirty,\nbut for the read path it won't hold the Fw caps and there is case\nwill it get the Fw reference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50179", url: "https://www.suse.com/security/cve/CVE-2024-50179", }, { category: "external", summary: "SUSE Bug 1233123 for CVE-2024-50179", url: "https://bugzilla.suse.com/1233123", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50179", }, { cve: "CVE-2024-50180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50180", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: sisfb: Fix strbuf array overflow\n\nThe values of the variables xres and yres are placed in strbuf.\nThese variables are obtained from strbuf1.\nThe strbuf1 array contains digit characters\nand a space if the array contains non-digit characters.\nThen, when executing sprintf(strbuf, \"%ux%ux8\", xres, yres);\nmore than 16 bytes will be written to strbuf.\nIt is suggested to increase the size of the strbuf array to 24.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50180", url: "https://www.suse.com/security/cve/CVE-2024-50180", }, { category: "external", summary: "SUSE Bug 1233125 for CVE-2024-50180", url: "https://bugzilla.suse.com/1233125", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50180", }, { cve: "CVE-2024-50181", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50181", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50181", url: "https://www.suse.com/security/cve/CVE-2024-50181", }, { category: "external", summary: "SUSE Bug 1233127 for CVE-2024-50181", url: "https://bugzilla.suse.com/1233127", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50181", }, { cve: "CVE-2024-50182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50182", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsecretmem: disable memfd_secret() if arch cannot set direct map\n\nReturn -ENOSYS from memfd_secret() syscall if !can_set_direct_map(). This\nis the case for example on some arm64 configurations, where marking 4k\nPTEs in the direct map not present can only be done if the direct map is\nset up at 4k granularity in the first place (as ARM's break-before-make\nsemantics do not easily allow breaking apart large/gigantic pages).\n\nMore precisely, on arm64 systems with !can_set_direct_map(),\nset_direct_map_invalid_noflush() is a no-op, however it returns success\n(0) instead of an error. This means that memfd_secret will seemingly\n\"work\" (e.g. syscall succeeds, you can mmap the fd and fault in pages),\nbut it does not actually achieve its goal of removing its memory from the\ndirect map.\n\nNote that with this patch, memfd_secret() will start erroring on systems\nwhere can_set_direct_map() returns false (arm64 with\nCONFIG_RODATA_FULL_DEFAULT_ENABLED=n, CONFIG_DEBUG_PAGEALLOC=n and\nCONFIG_KFENCE=n), but that still seems better than the current silent\nfailure. Since CONFIG_RODATA_FULL_DEFAULT_ENABLED defaults to 'y', most\narm64 systems actually have a working memfd_secret() and aren't be\naffected.\n\nFrom going through the iterations of the original memfd_secret patch\nseries, it seems that disabling the syscall in these scenarios was the\nintended behavior [1] (preferred over having\nset_direct_map_invalid_noflush return an error as that would result in\nSIGBUSes at page-fault time), however the check for it got dropped between\nv16 [2] and v17 [3], when secretmem moved away from CMA allocations.\n\n[1]: https://lore.kernel.org/lkml/20201124164930.GK8537@kernel.org/\n[2]: https://lore.kernel.org/lkml/20210121122723.3446-11-rppt@kernel.org/#t\n[3]: https://lore.kernel.org/lkml/20201125092208.12544-10-rppt@kernel.org/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50182", url: "https://www.suse.com/security/cve/CVE-2024-50182", }, { category: "external", summary: "SUSE Bug 1233129 for CVE-2024-50182", url: "https://bugzilla.suse.com/1233129", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50182", }, { cve: "CVE-2024-50183", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50183", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance\n\nDeleting an NPIV instance requires all fabric ndlps to be released before\nan NPIV's resources can be torn down. Failure to release fabric ndlps\nbeforehand opens kref imbalance race conditions. Fix by forcing the DA_ID\nto complete synchronously with usage of wait_queue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50183", url: "https://www.suse.com/security/cve/CVE-2024-50183", }, { category: "external", summary: "SUSE Bug 1233130 for CVE-2024-50183", url: "https://bugzilla.suse.com/1233130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50183", }, { cve: "CVE-2024-50184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50184", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_pmem: Check device status before requesting flush\n\nIf a pmem device is in a bad status, the driver side could wait for\nhost ack forever in virtio_pmem_flush(), causing the system to hang.\n\nSo add a status check in the beginning of virtio_pmem_flush() to return\nearly if the device is not activated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50184", url: "https://www.suse.com/security/cve/CVE-2024-50184", }, { category: "external", summary: "SUSE Bug 1233135 for CVE-2024-50184", url: "https://bugzilla.suse.com/1233135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50184", }, { cve: "CVE-2024-50185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50185", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle consistently DSS corruption\n\nBugged peer implementation can send corrupted DSS options, consistently\nhitting a few warning in the data path. Use DEBUG_NET assertions, to\navoid the splat on some builds and handle consistently the error, dumping\nrelated MIBs and performing fallback and/or reset according to the\nsubflow type.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50185", url: "https://www.suse.com/security/cve/CVE-2024-50185", }, { category: "external", summary: "SUSE Bug 1233109 for CVE-2024-50185", url: "https://bugzilla.suse.com/1233109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50185", }, { cve: "CVE-2024-50186", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50186", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: explicitly clear the sk pointer, when pf->create fails\n\nWe have recently noticed the exact same KASAN splat as in commit\n6cd4a78d962b (\"net: do not leave a dangling sk pointer, when socket\ncreation fails\"). The problem is that commit did not fully address the\nproblem, as some pf->create implementations do not use sk_common_release\nin their error paths.\n\nFor example, we can use the same reproducer as in the above commit, but\nchanging ping to arping. arping uses AF_PACKET socket and if packet_create\nfails, it will just sk_free the allocated sk object.\n\nWhile we could chase all the pf->create implementations and make sure they\nNULL the freed sk object on error from the socket, we can't guarantee\nfuture protocols will not make the same mistake.\n\nSo it is easier to just explicitly NULL the sk pointer upon return from\npf->create in __sock_create. We do know that pf->create always releases the\nallocated sk object on error, so if the pointer is not NULL, it is\ndefinitely dangling.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50186", url: "https://www.suse.com/security/cve/CVE-2024-50186", }, { category: "external", summary: "SUSE Bug 1233110 for CVE-2024-50186", url: "https://bugzilla.suse.com/1233110", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50186", }, { cve: "CVE-2024-50187", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50187", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: Stop the active perfmon before being destroyed\n\nUpon closing the file descriptor, the active performance monitor is not\nstopped. Although all perfmons are destroyed in `vc4_perfmon_close_file()`,\nthe active performance monitor's pointer (`vc4->active_perfmon`) is still\nretained.\n\nIf we open a new file descriptor and submit a few jobs with performance\nmonitors, the driver will attempt to stop the active performance monitor\nusing the stale pointer in `vc4->active_perfmon`. However, this pointer\nis no longer valid because the previous process has already terminated,\nand all performance monitors associated with it have been destroyed and\nfreed.\n\nTo fix this, when the active performance monitor belongs to a given\nprocess, explicitly stop it before destroying and freeing it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50187", url: "https://www.suse.com/security/cve/CVE-2024-50187", }, { category: "external", summary: "SUSE Bug 1233108 for CVE-2024-50187", url: "https://bugzilla.suse.com/1233108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50187", }, { cve: "CVE-2024-50188", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50188", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: dp83869: fix memory corruption when enabling fiber\n\nWhen configuring the fiber port, the DP83869 PHY driver incorrectly\ncalls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit\nnumber (10). This corrupts some other memory location -- in case of\narm64 the priv pointer in the same structure.\n\nSince the advertising flags are updated from supported at the end of the\nfunction the incorrect line isn't needed at all and can be removed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50188", url: "https://www.suse.com/security/cve/CVE-2024-50188", }, { category: "external", summary: "SUSE Bug 1233107 for CVE-2024-50188", url: "https://bugzilla.suse.com/1233107", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50188", }, { cve: "CVE-2024-50189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50189", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: Switch to device-managed dmam_alloc_coherent()\n\nUsing the device-managed version allows to simplify clean-up in probe()\nerror path.\n\nAdditionally, this device-managed ensures proper cleanup, which helps to\nresolve memory errors, page faults, btrfs going read-only, and btrfs\ndisk corruption.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50189", url: "https://www.suse.com/security/cve/CVE-2024-50189", }, { category: "external", summary: "SUSE Bug 1233105 for CVE-2024-50189", url: "https://bugzilla.suse.com/1233105", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50189", }, { cve: "CVE-2024-50190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50190", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memleak in ice_init_tx_topology()\n\nFix leak of the FW blob (DDP pkg).\n\nMake ice_cfg_tx_topo() const-correct, so ice_init_tx_topology() can avoid\ncopying whole FW blob. Copy just the topology section, and only when\nneeded. Reuse the buffer allocated for the read of the current topology.\n\nThis was found by kmemleak, with the following trace for each PF:\n [<ffffffff8761044d>] kmemdup_noprof+0x1d/0x50\n [<ffffffffc0a0a480>] ice_init_ddp_config+0x100/0x220 [ice]\n [<ffffffffc0a0da7f>] ice_init_dev+0x6f/0x200 [ice]\n [<ffffffffc0a0dc49>] ice_init+0x29/0x560 [ice]\n [<ffffffffc0a10c1d>] ice_probe+0x21d/0x310 [ice]\n\nConstify ice_cfg_tx_topo() @buf parameter.\nThis cascades further down to few more functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50190", url: "https://www.suse.com/security/cve/CVE-2024-50190", }, { category: "external", summary: "SUSE Bug 1233090 for CVE-2024-50190", url: "https://bugzilla.suse.com/1233090", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50190", }, { cve: "CVE-2024-50191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50191", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don't set SB_RDONLY after filesystem errors\n\nWhen the filesystem is mounted with errors=remount-ro, we were setting\nSB_RDONLY flag to stop all filesystem modifications. We knew this misses\nproper locking (sb->s_umount) and does not go through proper filesystem\nremount procedure but it has been the way this worked since early ext2\ndays and it was good enough for catastrophic situation damage\nmitigation. Recently, syzbot has found a way (see link) to trigger\nwarnings in filesystem freezing because the code got confused by\nSB_RDONLY changing under its hands. Since these days we set\nEXT4_FLAGS_SHUTDOWN on the superblock which is enough to stop all\nfilesystem modifications, modifying SB_RDONLY shouldn't be needed. So\nstop doing that.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50191", url: "https://www.suse.com/security/cve/CVE-2024-50191", }, { category: "external", summary: "SUSE Bug 1233101 for CVE-2024-50191", url: "https://bugzilla.suse.com/1233101", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50191", }, { cve: "CVE-2024-50192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50192", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v4: Don't allow a VMOVP on a dying VPE\n\nKunkun Jiang reported that there is a small window of opportunity for\nuserspace to force a change of affinity for a VPE while the VPE has already\nbeen unmapped, but the corresponding doorbell interrupt still visible in\n/proc/irq/.\n\nPlug the race by checking the value of vmapp_count, which tracks whether\nthe VPE is mapped ot not, and returning an error in this case.\n\nThis involves making vmapp_count common to both GICv4.1 and its v4.0\nancestor.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50192", url: "https://www.suse.com/security/cve/CVE-2024-50192", }, { category: "external", summary: "SUSE Bug 1233106 for CVE-2024-50192", url: "https://bugzilla.suse.com/1233106", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50192", }, { cve: "CVE-2024-50193", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50193", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry_32: Clear CPU buffers after register restore in NMI return\n\nCPU buffers are currently cleared after call to exc_nmi, but before\nregister state is restored. This may be okay for MDS mitigation but not for\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\nregisters don't have any sensitive data.\n\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50193", url: "https://www.suse.com/security/cve/CVE-2024-50193", }, { category: "external", summary: "SUSE Bug 1233102 for CVE-2024-50193", url: "https://bugzilla.suse.com/1233102", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50193", }, { cve: "CVE-2024-50194", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50194", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Fix uprobes for big-endian kernels\n\nThe arm64 uprobes code is broken for big-endian kernels as it doesn't\nconvert the in-memory instruction encoding (which is always\nlittle-endian) into the kernel's native endianness before analyzing and\nsimulating instructions. This may result in a few distinct problems:\n\n* The kernel may may erroneously reject probing an instruction which can\n safely be probed.\n\n* The kernel may erroneously erroneously permit stepping an\n instruction out-of-line when that instruction cannot be stepped\n out-of-line safely.\n\n* The kernel may erroneously simulate instruction incorrectly dur to\n interpretting the byte-swapped encoding.\n\nThe endianness mismatch isn't caught by the compiler or sparse because:\n\n* The arch_uprobe::{insn,ixol} fields are encoded as arrays of u8, so\n the compiler and sparse have no idea these contain a little-endian\n 32-bit value. The core uprobes code populates these with a memcpy()\n which similarly does not handle endianness.\n\n* While the uprobe_opcode_t type is an alias for __le32, both\n arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() cast from u8[]\n to the similarly-named probe_opcode_t, which is an alias for u32.\n Hence there is no endianness conversion warning.\n\nFix this by changing the arch_uprobe::{insn,ixol} fields to __le32 and\nadding the appropriate __le32_to_cpu() conversions prior to consuming\nthe instruction encoding. The core uprobes copies these fields as opaque\nranges of bytes, and so is unaffected by this change.\n\nAt the same time, remove MAX_UINSN_BYTES and consistently use\nAARCH64_INSN_SIZE for clarity.\n\nTested with the following:\n\n| #include <stdio.h>\n| #include <stdbool.h>\n|\n| #define noinline __attribute__((noinline))\n|\n| static noinline void *adrp_self(void)\n| {\n| void *addr;\n|\n| asm volatile(\n| \" adrp %x0, adrp_self\\n\"\n| \" add %x0, %x0, :lo12:adrp_self\\n\"\n| : \"=r\" (addr));\n| }\n|\n|\n| int main(int argc, char *argv)\n| {\n| void *ptr = adrp_self();\n| bool equal = (ptr == adrp_self);\n|\n| printf(\"adrp_self => %p\\n\"\n| \"adrp_self() => %p\\n\"\n| \"%s\\n\",\n| adrp_self, ptr, equal ? \"EQUAL\" : \"NOT EQUAL\");\n|\n| return 0;\n| }\n\n.... where the adrp_self() function was compiled to:\n\n| 00000000004007e0 <adrp_self>:\n| 4007e0: 90000000 adrp x0, 400000 <__ehdr_start>\n| 4007e4: 911f8000 add x0, x0, #0x7e0\n| 4007e8: d65f03c0 ret\n\nBefore this patch, the ADRP is not recognized, and is assumed to be\nsteppable, resulting in corruption of the result:\n\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0x4007e0\n| EQUAL\n| # echo 'p /root/adrp-self:0x007e0' > /sys/kernel/tracing/uprobe_events\n| # echo 1 > /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0xffffffffff7e0\n| NOT EQUAL\n\nAfter this patch, the ADRP is correctly recognized and simulated:\n\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0x4007e0\n| EQUAL\n| #\n| # echo 'p /root/adrp-self:0x007e0' > /sys/kernel/tracing/uprobe_events\n| # echo 1 > /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0x4007e0\n| EQUAL", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50194", url: "https://www.suse.com/security/cve/CVE-2024-50194", }, { category: "external", summary: "SUSE Bug 1233111 for CVE-2024-50194", url: "https://bugzilla.suse.com/1233111", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50194", }, { cve: "CVE-2024-50195", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50195", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: Fix missing timespec64 check in pc_clock_settime()\n\nAs Andrew pointed out, it will make sense that the PTP core\nchecked timespec64 struct's tv_sec and tv_nsec range before calling\nptp->info->settime64().\n\nAs the man manual of clock_settime() said, if tp.tv_sec is negative or\ntp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL,\nwhich include dynamic clocks which handles PTP clock, and the condition is\nconsistent with timespec64_valid(). As Thomas suggested, timespec64_valid()\nonly check the timespec is valid, but not ensure that the time is\nin a valid range, so check it ahead using timespec64_valid_strict()\nin pc_clock_settime() and return -EINVAL if not valid.\n\nThere are some drivers that use tp->tv_sec and tp->tv_nsec directly to\nwrite registers without validity checks and assume that the higher layer\nhas checked it, which is dangerous and will benefit from this, such as\nhclge_ptp_settime(), igb_ptp_settime_i210(), _rcar_gen4_ptp_settime(),\nand some drivers can remove the checks of itself.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50195", url: "https://www.suse.com/security/cve/CVE-2024-50195", }, { category: "external", summary: "SUSE Bug 1233103 for CVE-2024-50195", url: "https://bugzilla.suse.com/1233103", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50195", }, { cve: "CVE-2024-50196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50196", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: ocelot: fix system hang on level based interrupts\n\nThe current implementation only calls chained_irq_enter() and\nchained_irq_exit() if it detects pending interrupts.\n\n```\nfor (i = 0; i < info->stride; i++) {\n\turegmap_read(info->map, id_reg + 4 * i, ®);\n\tif (!reg)\n\t\tcontinue;\n\n\tchained_irq_enter(parent_chip, desc);\n```\n\nHowever, in case of GPIO pin configured in level mode and the parent\ncontroller configured in edge mode, GPIO interrupt might be lowered by the\nhardware. In the result, if the interrupt is short enough, the parent\ninterrupt is still pending while the GPIO interrupt is cleared;\nchained_irq_enter() never gets called and the system hangs trying to\nservice the parent interrupt.\n\nMoving chained_irq_enter() and chained_irq_exit() outside the for loop\nensures that they are called even when GPIO interrupt is lowered by the\nhardware.\n\nThe similar code with chained_irq_enter() / chained_irq_exit() functions\nwrapping interrupt checking loop may be found in many other drivers:\n```\ngrep -r -A 10 chained_irq_enter drivers/pinctrl\n```", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50196", url: "https://www.suse.com/security/cve/CVE-2024-50196", }, { category: "external", summary: "SUSE Bug 1233113 for CVE-2024-50196", url: "https://bugzilla.suse.com/1233113", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50196", }, { cve: "CVE-2024-50197", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50197", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: intel: platform: fix error path in device_for_each_child_node()\n\nThe device_for_each_child_node() loop requires calls to\nfwnode_handle_put() upon early returns to decrement the refcount of\nthe child node and avoid leaking memory if that error path is triggered.\n\nThere is one early returns within that loop in\nintel_platform_pinctrl_prepare_community(), but fwnode_handle_put() is\nmissing.\n\nInstead of adding the missing call, the scoped version of the loop can\nbe used to simplify the code and avoid mistakes in the future if new\nearly returns are added, as the child node is only used for parsing, and\nit is never assigned.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50197", url: "https://www.suse.com/security/cve/CVE-2024-50197", }, { category: "external", summary: "SUSE Bug 1233089 for CVE-2024-50197", url: "https://bugzilla.suse.com/1233089", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50197", }, { cve: "CVE-2024-50198", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50198", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: veml6030: fix IIO device retrieval from embedded device\n\nThe dev pointer that is received as an argument in the\nin_illuminance_period_available_show function references the device\nembedded in the IIO device, not in the i2c client.\n\ndev_to_iio_dev() must be used to accessthe right data. The current\nimplementation leads to a segmentation fault on every attempt to read\nthe attribute because indio_dev gets a NULL assignment.\n\nThis bug has been present since the first appearance of the driver,\napparently since the last version (V6) before getting applied. A\nconstant attribute was used until then, and the last modifications might\nhave not been tested again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50198", url: "https://www.suse.com/security/cve/CVE-2024-50198", }, { category: "external", summary: "SUSE Bug 1233100 for CVE-2024-50198", url: "https://bugzilla.suse.com/1233100", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50198", }, { cve: "CVE-2024-50199", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50199", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/swapfile: skip HugeTLB pages for unuse_vma\n\nI got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The\nproblem can be reproduced by the following steps:\n\n 1. Allocate an anonymous 1GB HugeTLB and some other anonymous memory.\n 2. Swapout the above anonymous memory.\n 3. run swapoff and we will get a bad pud error in kernel message:\n\n mm/pgtable-generic.c:42: bad pud 00000000743d215d(84000001400000e7)\n\nWe can tell that pud_clear_bad is called by pud_none_or_clear_bad in\nunuse_pud_range() by ftrace. And therefore the HugeTLB pages will never\nbe freed because we lost it from page table. We can skip HugeTLB pages\nfor unuse_vma to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50199", url: "https://www.suse.com/security/cve/CVE-2024-50199", }, { category: "external", summary: "SUSE Bug 1233112 for CVE-2024-50199", url: "https://bugzilla.suse.com/1233112", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50199", }, { cve: "CVE-2024-50200", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50200", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmaple_tree: correct tree corruption on spanning store\n\nPatch series \"maple_tree: correct tree corruption on spanning store\", v3.\n\nThere has been a nasty yet subtle maple tree corruption bug that appears\nto have been in existence since the inception of the algorithm.\n\nThis bug seems far more likely to happen since commit f8d112a4e657\n(\"mm/mmap: avoid zeroing vma tree in mmap_region()\"), which is the point\nat which reports started to be submitted concerning this bug.\n\nWe were made definitely aware of the bug thanks to the kind efforts of\nBert Karwatzki who helped enormously in my being able to track this down\nand identify the cause of it.\n\nThe bug arises when an attempt is made to perform a spanning store across\ntwo leaf nodes, where the right leaf node is the rightmost child of the\nshared parent, AND the store completely consumes the right-mode node.\n\nThis results in mas_wr_spanning_store() mitakenly duplicating the new and\nexisting entries at the maximum pivot within the range, and thus maple\ntree corruption.\n\nThe fix patch corrects this by detecting this scenario and disallowing the\nmistaken duplicate copy.\n\nThe fix patch commit message goes into great detail as to how this occurs.\n\nThis series also includes a test which reliably reproduces the issue, and\nasserts that the fix works correctly.\n\nBert has kindly tested the fix and confirmed it resolved his issues. Also\nMikhail Gavrilov kindly reported what appears to be precisely the same\nbug, which this fix should also resolve.\n\n\nThis patch (of 2):\n\nThere has been a subtle bug present in the maple tree implementation from\nits inception.\n\nThis arises from how stores are performed - when a store occurs, it will\noverwrite overlapping ranges and adjust the tree as necessary to\naccommodate this.\n\nA range may always ultimately span two leaf nodes. In this instance we\nwalk the two leaf nodes, determine which elements are not overwritten to\nthe left and to the right of the start and end of the ranges respectively\nand then rebalance the tree to contain these entries and the newly\ninserted one.\n\nThis kind of store is dubbed a 'spanning store' and is implemented by\nmas_wr_spanning_store().\n\nIn order to reach this stage, mas_store_gfp() invokes\nmas_wr_preallocate(), mas_wr_store_type() and mas_wr_walk() in turn to\nwalk the tree and update the object (mas) to traverse to the location\nwhere the write should be performed, determining its store type.\n\nWhen a spanning store is required, this function returns false stopping at\nthe parent node which contains the target range, and mas_wr_store_type()\nmarks the mas->store_type as wr_spanning_store to denote this fact.\n\nWhen we go to perform the store in mas_wr_spanning_store(), we first\ndetermine the elements AFTER the END of the range we wish to store (that\nis, to the right of the entry to be inserted) - we do this by walking to\nthe NEXT pivot in the tree (i.e. r_mas.last + 1), starting at the node we\nhave just determined contains the range over which we intend to write.\n\nWe then turn our attention to the entries to the left of the entry we are\ninserting, whose state is represented by l_mas, and copy these into a 'big\nnode', which is a special node which contains enough slots to contain two\nleaf node's worth of data.\n\nWe then copy the entry we wish to store immediately after this - the copy\nand the insertion of the new entry is performed by mas_store_b_node().\n\nAfter this we copy the elements to the right of the end of the range which\nwe are inserting, if we have not exceeded the length of the node (i.e. \nr_mas.offset <= r_mas.end).\n\nHerein lies the bug - under very specific circumstances, this logic can\nbreak and corrupt the maple tree.\n\nConsider the following tree:\n\nHeight\n 0 Root Node\n / \\\n pivot = 0xffff / \\ pivot = ULONG_MAX\n / \n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50200", url: "https://www.suse.com/security/cve/CVE-2024-50200", }, { category: "external", summary: "SUSE Bug 1233088 for CVE-2024-50200", url: "https://bugzilla.suse.com/1233088", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50200", }, { cve: "CVE-2024-50201", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50201", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: Fix encoder->possible_clones\n\nInclude the encoder itself in its possible_clones bitmask.\nIn the past nothing validated that drivers were populating\npossible_clones correctly, but that changed in commit\n74d2aacbe840 (\"drm: Validate encoder->possible_clones\").\nLooks like radeon never got the memo and is still not\nfollowing the rules 100% correctly.\n\nThis results in some warnings during driver initialization:\nBogus possible_clones: [ENCODER:46:TV-46] possible_clones=0x4 (full encoder mask=0x7)\nWARNING: CPU: 0 PID: 170 at drivers/gpu/drm/drm_mode_config.c:615 drm_mode_config_validate+0x113/0x39c\n...\n\n(cherry picked from commit 3b6e7d40649c0d75572039aff9d0911864c689db)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50201", url: "https://www.suse.com/security/cve/CVE-2024-50201", }, { category: "external", summary: "SUSE Bug 1233104 for CVE-2024-50201", url: "https://bugzilla.suse.com/1233104", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50201", }, { cve: "CVE-2024-50205", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50205", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()\n\nThe step variable is initialized to zero. It is changed in the loop,\nbut if it's not changed it will remain zero. Add a variable check\nbefore the division.\n\nThe observed behavior was introduced by commit 826b5de90c0b\n(\"ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size\"),\nand it is difficult to show that any of the interval parameters will\nsatisfy the snd_interval_test() condition with data from the\namdtp_rate_table[] table.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50205", url: "https://www.suse.com/security/cve/CVE-2024-50205", }, { category: "external", summary: "SUSE Bug 1233293 for CVE-2024-50205", url: "https://bugzilla.suse.com/1233293", }, { category: "external", summary: "SUSE Bug 1233294 for CVE-2024-50205", url: "https://bugzilla.suse.com/1233294", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50205", }, { cve: "CVE-2024-50206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50206", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: fix memory corruption during fq dma init\n\nThe loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers must\nonly touch as many descriptors, otherwise it ends up corrupting unrelated\nmemory. Fix the loop iteration count accordingly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50206", url: "https://www.suse.com/security/cve/CVE-2024-50206", }, { category: "external", summary: "SUSE Bug 1233288 for CVE-2024-50206", url: "https://bugzilla.suse.com/1233288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50206", }, { cve: "CVE-2024-50207", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50207", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix reader locking when changing the sub buffer order\n\nThe function ring_buffer_subbuf_order_set() updates each\nring_buffer_per_cpu and installs new sub buffers that match the requested\npage order. This operation may be invoked concurrently with readers that\nrely on some of the modified data, such as the head bit (RB_PAGE_HEAD), or\nthe ring_buffer_per_cpu.pages and reader_page pointers. However, no\nexclusive access is acquired by ring_buffer_subbuf_order_set(). Modifying\nthe mentioned data while a reader also operates on them can then result in\nincorrect memory access and various crashes.\n\nFix the problem by taking the reader_lock when updating a specific\nring_buffer_per_cpu in ring_buffer_subbuf_order_set().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50207", url: "https://www.suse.com/security/cve/CVE-2024-50207", }, { category: "external", summary: "SUSE Bug 1233122 for CVE-2024-50207", url: "https://bugzilla.suse.com/1233122", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50207", }, { cve: "CVE-2024-50208", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50208", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages\n\nAvoid memory corruption while setting up Level-2 PBL pages for the non MR\nresources when num_pages > 256K.\n\nThere will be a single PDE page address (contiguous pages in the case of >\nPAGE_SIZE), but, current logic assumes multiple pages, leading to invalid\nmemory access after 256K PBL entries in the PDE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50208", url: "https://www.suse.com/security/cve/CVE-2024-50208", }, { category: "external", summary: "SUSE Bug 1233117 for CVE-2024-50208", url: "https://bugzilla.suse.com/1233117", }, { category: "external", summary: "SUSE Bug 1233118 for CVE-2024-50208", url: "https://bugzilla.suse.com/1233118", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50208", }, { cve: "CVE-2024-50209", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50209", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Add a check for memory allocation\n\n__alloc_pbl() can return error when memory allocation fails.\nDriver is not checking the status on one of the instances.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50209", url: "https://www.suse.com/security/cve/CVE-2024-50209", }, { category: "external", summary: "SUSE Bug 1233114 for CVE-2024-50209", url: "https://bugzilla.suse.com/1233114", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50209", }, { cve: "CVE-2024-50210", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50210", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\n\nIf get_clock_desc() succeeds, it calls fget() for the clockid's fd,\nand get the clk->rwsem read lock, so the error path should release\nthe lock to make the lock balance and fput the clockid's fd to make\nthe refcount balance and release the fd related resource.\n\nHowever the below commit left the error path locked behind resulting in\nunbalanced locking. Check timespec64_valid_strict() before\nget_clock_desc() to fix it, because the \"ts\" is not changed\nafter that.\n\n[pabeni@redhat.com: fixed commit message typo]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50210", url: "https://www.suse.com/security/cve/CVE-2024-50210", }, { category: "external", summary: "SUSE Bug 1233097 for CVE-2024-50210", url: "https://bugzilla.suse.com/1233097", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50210", }, { cve: "CVE-2024-50211", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50211", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: refactor inode_bmap() to handle error\n\nRefactor inode_bmap() to handle error since udf_next_aext() can return\nerror now. On situations like ftruncate, udf_extend_file() can now\ndetect errors and bail out early without resorting to checking for\nparticular offsets and assuming internal behavior of these functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50211", url: "https://www.suse.com/security/cve/CVE-2024-50211", }, { category: "external", summary: "SUSE Bug 1233096 for CVE-2024-50211", url: "https://bugzilla.suse.com/1233096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50211", }, { cve: "CVE-2024-50212", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50212", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nlib: alloc_tag_module_unload must wait for pending kfree_rcu calls\n\nBen Greear reports following splat:\n ------------[ cut here ]------------\n net/netfilter/nf_nat_core.c:1114 module nf_nat func:nf_nat_register_fn has 256 allocated at module unload\n WARNING: CPU: 1 PID: 10421 at lib/alloc_tag.c:168 alloc_tag_module_unload+0x22b/0x3f0\n Modules linked in: nf_nat(-) btrfs ufs qnx4 hfsplus hfs minix vfat msdos fat\n...\n Hardware name: Default string Default string/SKYBAY, BIOS 5.12 08/04/2020\n RIP: 0010:alloc_tag_module_unload+0x22b/0x3f0\n codetag_unload_module+0x19b/0x2a0\n ? codetag_load_module+0x80/0x80\n\nnf_nat module exit calls kfree_rcu on those addresses, but the free\noperation is likely still pending by the time alloc_tag checks for leaks.\n\nWait for outstanding kfree_rcu operations to complete before checking\nresolves this warning.\n\nReproducer:\nunshare -n iptables-nft -t nat -A PREROUTING -p tcp\ngrep nf_nat /proc/allocinfo # will list 4 allocations\nrmmod nft_chain_nat\nrmmod nf_nat # will WARN.\n\n[akpm@linux-foundation.org: add comment]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50212", url: "https://www.suse.com/security/cve/CVE-2024-50212", }, { category: "external", summary: "SUSE Bug 1233173 for CVE-2024-50212", url: "https://bugzilla.suse.com/1233173", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50212", }, { cve: "CVE-2024-50213", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50213", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic()\n\nmodprobe drm_hdmi_state_helper_test and then rmmod it, the following\nmemory leak occurs.\n\nThe `mode` allocated in drm_mode_duplicate() called by\ndrm_display_mode_from_cea_vic() is not freed, which cause the memory leak:\n\n\tunreferenced object 0xffffff80ccd18100 (size 128):\n\t comm \"kunit_try_catch\", pid 1851, jiffies 4295059695\n\t hex dump (first 32 bytes):\n\t 57 62 00 00 80 02 90 02 f0 02 20 03 00 00 e0 01 Wb........ .....\n\t ea 01 ec 01 0d 02 00 00 0a 00 00 00 00 00 00 00 ................\n\t backtrace (crc c2f1aa95):\n\t [<000000000f10b11b>] kmemleak_alloc+0x34/0x40\n\t [<000000001cd4cf73>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<00000000f1f3cffa>] drm_mode_duplicate+0x44/0x19c\n\t [<000000008cbeef13>] drm_display_mode_from_cea_vic+0x88/0x98\n\t [<0000000019daaacf>] 0xffffffedc11ae69c\n\t [<000000000aad0f85>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000a9210bac>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<000000000a0b2e9e>] kthread+0x2e8/0x374\n\t [<00000000bd668858>] ret_from_fork+0x10/0x20\n\t......\n\nFree `mode` by using drm_kunit_display_mode_from_cea_vic()\nto fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50213", url: "https://www.suse.com/security/cve/CVE-2024-50213", }, { category: "external", summary: "SUSE Bug 1233174 for CVE-2024-50213", url: "https://bugzilla.suse.com/1233174", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50213", }, { cve: "CVE-2024-50214", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50214", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic()\n\nmodprobe drm_connector_test and then rmmod drm_connector_test,\nthe following memory leak occurs.\n\nThe `mode` allocated in drm_mode_duplicate() called by\ndrm_display_mode_from_cea_vic() is not freed, which cause the memory leak:\n\n\tunreferenced object 0xffffff80cb0ee400 (size 128):\n\t comm \"kunit_try_catch\", pid 1948, jiffies 4294950339\n\t hex dump (first 32 bytes):\n\t 14 44 02 00 80 07 d8 07 04 08 98 08 00 00 38 04 .D............8.\n\t 3c 04 41 04 65 04 00 00 05 00 00 00 00 00 00 00 <.A.e...........\n\t backtrace (crc 90e9585c):\n\t [<00000000ec42e3d7>] kmemleak_alloc+0x34/0x40\n\t [<00000000d0ef055a>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<00000000c2062161>] drm_mode_duplicate+0x44/0x19c\n\t [<00000000f96c74aa>] drm_display_mode_from_cea_vic+0x88/0x98\n\t [<00000000d8f2c8b4>] 0xffffffdc982a4868\n\t [<000000005d164dbc>] kunit_try_run_case+0x13c/0x3ac\n\t [<000000006fb23398>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<000000006ea56ca0>] kthread+0x2e8/0x374\n\t [<000000000676063f>] ret_from_fork+0x10/0x20\n\t......\n\nFree `mode` by using drm_kunit_display_mode_from_cea_vic()\nto fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50214", url: "https://www.suse.com/security/cve/CVE-2024-50214", }, { category: "external", summary: "SUSE Bug 1233177 for CVE-2024-50214", url: "https://bugzilla.suse.com/1233177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50214", }, { cve: "CVE-2024-50215", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50215", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-auth: assign dh_key to NULL after kfree_sensitive\n\nctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()\nfor the same controller. So it's better to nullify it after release on\nerror path in order to avoid double free later in nvmet_destroy_auth().\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50215", url: "https://www.suse.com/security/cve/CVE-2024-50215", }, { category: "external", summary: "SUSE Bug 1233189 for CVE-2024-50215", url: "https://bugzilla.suse.com/1233189", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50215", }, { cve: "CVE-2024-50216", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50216", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix finding a last resort AG in xfs_filestream_pick_ag\n\nWhen the main loop in xfs_filestream_pick_ag fails to find a suitable\nAG it tries to just pick the online AG. But the loop for that uses\nargs->pag as loop iterator while the later code expects pag to be\nset. Fix this by reusing the max_pag case for this last resort, and\nalso add a check for impossible case of no AG just to make sure that\nthe uninitialized pag doesn't even escape in theory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50216", url: "https://www.suse.com/security/cve/CVE-2024-50216", }, { category: "external", summary: "SUSE Bug 1233179 for CVE-2024-50216", url: "https://bugzilla.suse.com/1233179", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50216", }, { cve: "CVE-2024-50217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50217", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()\n\nMounting btrfs from two images (which have the same one fsid and two\ndifferent dev_uuids) in certain executing order may trigger an UAF for\nvariable 'device->bdev_file' in __btrfs_free_extra_devids(). And\nfollowing are the details:\n\n1. Attach image_1 to loop0, attach image_2 to loop1, and scan btrfs\n devices by ioctl(BTRFS_IOC_SCAN_DEV):\n\n / btrfs_device_1 → loop0\n fs_device\n \\ btrfs_device_2 → loop1\n2. mount /dev/loop0 /mnt\n btrfs_open_devices\n btrfs_device_1->bdev_file = btrfs_get_bdev_and_sb(loop0)\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n fail: btrfs_close_devices // -ENOMEM\n\t btrfs_close_bdev(btrfs_device_1)\n fput(btrfs_device_1->bdev_file)\n\t // btrfs_device_1->bdev_file is freed\n\t btrfs_close_bdev(btrfs_device_2)\n fput(btrfs_device_2->bdev_file)\n\n3. mount /dev/loop1 /mnt\n btrfs_open_devices\n btrfs_get_bdev_and_sb(&bdev_file)\n // EIO, btrfs_device_1->bdev_file is not assigned,\n // which points to a freed memory area\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n btrfs_free_extra_devids\n if (btrfs_device_1->bdev_file)\n fput(btrfs_device_1->bdev_file) // UAF !\n\nFix it by setting 'device->bdev_file' as 'NULL' after closing the\nbtrfs_device in btrfs_close_one_device().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50217", url: "https://www.suse.com/security/cve/CVE-2024-50217", }, { category: "external", summary: "SUSE Bug 1233194 for CVE-2024-50217", url: "https://bugzilla.suse.com/1233194", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50217", }, { cve: "CVE-2024-50218", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50218", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: pass u64 to ocfs2_truncate_inline maybe overflow\n\nSyzbot reported a kernel BUG in ocfs2_truncate_inline. There are two\nreasons for this: first, the parameter value passed is greater than\nocfs2_max_inline_data_with_xattr, second, the start and end parameters of\nocfs2_truncate_inline are \"unsigned int\".\n\nSo, we need to add a sanity check for byte_start and byte_len right before\nocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater\nthan ocfs2_max_inline_data_with_xattr return -EINVAL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50218", url: "https://www.suse.com/security/cve/CVE-2024-50218", }, { category: "external", summary: "SUSE Bug 1233191 for CVE-2024-50218", url: "https://bugzilla.suse.com/1233191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50218", }, { cve: "CVE-2024-50220", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50220", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfork: do not invoke uffd on fork if error occurs\n\nPatch series \"fork: do not expose incomplete mm on fork\".\n\nDuring fork we may place the virtual memory address space into an\ninconsistent state before the fork operation is complete.\n\nIn addition, we may encounter an error during the fork operation that\nindicates that the virtual memory address space is invalidated.\n\nAs a result, we should not be exposing it in any way to external machinery\nthat might interact with the mm or VMAs, machinery that is not designed to\ndeal with incomplete state.\n\nWe specifically update the fork logic to defer khugepaged and ksm to the\nend of the operation and only to be invoked if no error arose, and\ndisallow uffd from observing fork events should an error have occurred.\n\n\nThis patch (of 2):\n\nCurrently on fork we expose the virtual address space of a process to\nuserland unconditionally if uffd is registered in VMAs, regardless of\nwhether an error arose in the fork.\n\nThis is performed in dup_userfaultfd_complete() which is invoked\nunconditionally, and performs two duties - invoking registered handlers\nfor the UFFD_EVENT_FORK event via dup_fctx(), and clearing down\nuserfaultfd_fork_ctx objects established in dup_userfaultfd().\n\nThis is problematic, because the virtual address space may not yet be\ncorrectly initialised if an error arose.\n\nThe change in commit d24062914837 (\"fork: use __mt_dup() to duplicate\nmaple tree in dup_mmap()\") makes this more pertinent as we may be in a\nstate where entries in the maple tree are not yet consistent.\n\nWe address this by, on fork error, ensuring that we roll back state that\nwe would otherwise expect to clean up through the event being handled by\nuserland and perform the memory freeing duty otherwise performed by\ndup_userfaultfd_complete().\n\nWe do this by implementing a new function, dup_userfaultfd_fail(), which\nperforms the same loop, only decrementing reference counts.\n\nNote that we perform mmgrab() on the parent and child mm's, however\nuserfaultfd_ctx_put() will mmdrop() this once the reference count drops to\nzero, so we will avoid memory leaks correctly here.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50220", url: "https://www.suse.com/security/cve/CVE-2024-50220", }, { category: "external", summary: "SUSE Bug 1233175 for CVE-2024-50220", url: "https://bugzilla.suse.com/1233175", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50220", }, { cve: "CVE-2024-50221", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50221", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Vangogh: Fix kernel memory out of bounds write\n\nKASAN reports that the GPU metrics table allocated in\nvangogh_tables_init() is not large enough for the memset done in\nsmu_cmn_init_soft_gpu_metrics(). Condensed report follows:\n\n[ 33.861314] BUG: KASAN: slab-out-of-bounds in smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu]\n[ 33.861799] Write of size 168 at addr ffff888129f59500 by task mangoapp/1067\n...\n[ 33.861808] CPU: 6 UID: 1000 PID: 1067 Comm: mangoapp Tainted: G W 6.12.0-rc4 #356 1a56f59a8b5182eeaf67eb7cb8b13594dd23b544\n[ 33.861816] Tainted: [W]=WARN\n[ 33.861818] Hardware name: Valve Galileo/Galileo, BIOS F7G0107 12/01/2023\n[ 33.861822] Call Trace:\n[ 33.861826] <TASK>\n[ 33.861829] dump_stack_lvl+0x66/0x90\n[ 33.861838] print_report+0xce/0x620\n[ 33.861853] kasan_report+0xda/0x110\n[ 33.862794] kasan_check_range+0xfd/0x1a0\n[ 33.862799] __asan_memset+0x23/0x40\n[ 33.862803] smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.863306] vangogh_get_gpu_metrics_v2_4+0x123/0xad0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.864257] vangogh_common_get_gpu_metrics+0xb0c/0xbc0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.865682] amdgpu_dpm_get_gpu_metrics+0xcc/0x110 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.866160] amdgpu_get_gpu_metrics+0x154/0x2d0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.867135] dev_attr_show+0x43/0xc0\n[ 33.867147] sysfs_kf_seq_show+0x1f1/0x3b0\n[ 33.867155] seq_read_iter+0x3f8/0x1140\n[ 33.867173] vfs_read+0x76c/0xc50\n[ 33.867198] ksys_read+0xfb/0x1d0\n[ 33.867214] do_syscall_64+0x90/0x160\n...\n[ 33.867353] Allocated by task 378 on cpu 7 at 22.794876s:\n[ 33.867358] kasan_save_stack+0x33/0x50\n[ 33.867364] kasan_save_track+0x17/0x60\n[ 33.867367] __kasan_kmalloc+0x87/0x90\n[ 33.867371] vangogh_init_smc_tables+0x3f9/0x840 [amdgpu]\n[ 33.867835] smu_sw_init+0xa32/0x1850 [amdgpu]\n[ 33.868299] amdgpu_device_init+0x467b/0x8d90 [amdgpu]\n[ 33.868733] amdgpu_driver_load_kms+0x19/0xf0 [amdgpu]\n[ 33.869167] amdgpu_pci_probe+0x2d6/0xcd0 [amdgpu]\n[ 33.869608] local_pci_probe+0xda/0x180\n[ 33.869614] pci_device_probe+0x43f/0x6b0\n\nEmpirically we can confirm that the former allocates 152 bytes for the\ntable, while the latter memsets the 168 large block.\n\nRoot cause appears that when GPU metrics tables for v2_4 parts were added\nit was not considered to enlarge the table to fit.\n\nThe fix in this patch is rather \"brute force\" and perhaps later should be\ndone in a smarter way, by extracting and consolidating the part version to\nsize logic to a common helper, instead of brute forcing the largest\npossible allocation. Nevertheless, for now this works and fixes the out of\nbounds write.\n\nv2:\n * Drop impossible v3_0 case. (Mario)\n\n(cherry picked from commit 0880f58f9609f0200483a49429af0f050d281703)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50221", url: "https://www.suse.com/security/cve/CVE-2024-50221", }, { category: "external", summary: "SUSE Bug 1233185 for CVE-2024-50221", url: "https://bugzilla.suse.com/1233185", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50221", }, { cve: "CVE-2024-50222", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50222", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP\n\ngeneric/077 on x86_32 CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP=y with highmem,\non huge=always tmpfs, issues a warning and then hangs (interruptibly):\n\nWARNING: CPU: 5 PID: 3517 at mm/highmem.c:622 kunmap_local_indexed+0x62/0xc9\nCPU: 5 UID: 0 PID: 3517 Comm: cp Not tainted 6.12.0-rc4 #2\n...\ncopy_page_from_iter_atomic+0xa6/0x5ec\ngeneric_perform_write+0xf6/0x1b4\nshmem_file_write_iter+0x54/0x67\n\nFix copy_page_from_iter_atomic() by limiting it in that case\n(include/linux/skbuff.h skb_frag_must_loop() does similar).\n\nBut going forward, perhaps CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP is too\nsurprising, has outlived its usefulness, and should just be removed?", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50222", url: "https://www.suse.com/security/cve/CVE-2024-50222", }, { category: "external", summary: "SUSE Bug 1233184 for CVE-2024-50222", url: "https://bugzilla.suse.com/1233184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50222", }, { cve: "CVE-2024-50223", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50223", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50223", url: "https://www.suse.com/security/cve/CVE-2024-50223", }, { category: "external", summary: "SUSE Bug 1233192 for CVE-2024-50223", url: "https://bugzilla.suse.com/1233192", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50223", }, { cve: "CVE-2024-50224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50224", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-dspi: Fix crash when not using GPIO chip select\n\nAdd check for the return value of spi_get_csgpiod() to avoid passing a NULL\npointer to gpiod_direction_output(), preventing a crash when GPIO chip\nselect is not used.\n\nFix below crash:\n[ 4.251960] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 4.260762] Mem abort info:\n[ 4.263556] ESR = 0x0000000096000004\n[ 4.267308] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 4.272624] SET = 0, FnV = 0\n[ 4.275681] EA = 0, S1PTW = 0\n[ 4.278822] FSC = 0x04: level 0 translation fault\n[ 4.283704] Data abort info:\n[ 4.286583] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 4.292074] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 4.297130] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 4.302445] [0000000000000000] user address but active_mm is swapper\n[ 4.308805] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 4.315072] Modules linked in:\n[ 4.318124] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc4-next-20241023-00008-ga20ec42c5fc1 #359\n[ 4.328130] Hardware name: LS1046A QDS Board (DT)\n[ 4.332832] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.339794] pc : gpiod_direction_output+0x34/0x5c\n[ 4.344505] lr : gpiod_direction_output+0x18/0x5c\n[ 4.349208] sp : ffff80008003b8f0\n[ 4.352517] x29: ffff80008003b8f0 x28: 0000000000000000 x27: ffffc96bcc7e9068\n[ 4.359659] x26: ffffc96bcc6e00b0 x25: ffffc96bcc598398 x24: ffff447400132810\n[ 4.366800] x23: 0000000000000000 x22: 0000000011e1a300 x21: 0000000000020002\n[ 4.373940] x20: 0000000000000000 x19: 0000000000000000 x18: ffffffffffffffff\n[ 4.381081] x17: ffff44740016e600 x16: 0000000500000003 x15: 0000000000000007\n[ 4.388221] x14: 0000000000989680 x13: 0000000000020000 x12: 000000000000001e\n[ 4.395362] x11: 0044b82fa09b5a53 x10: 0000000000000019 x9 : 0000000000000008\n[ 4.402502] x8 : 0000000000000002 x7 : 0000000000000007 x6 : 0000000000000000\n[ 4.409641] x5 : 0000000000000200 x4 : 0000000002000000 x3 : 0000000000000000\n[ 4.416781] x2 : 0000000000022202 x1 : 0000000000000000 x0 : 0000000000000000\n[ 4.423921] Call trace:\n[ 4.426362] gpiod_direction_output+0x34/0x5c (P)\n[ 4.431067] gpiod_direction_output+0x18/0x5c (L)\n[ 4.435771] dspi_setup+0x220/0x334", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50224", url: "https://www.suse.com/security/cve/CVE-2024-50224", }, { category: "external", summary: "SUSE Bug 1233188 for CVE-2024-50224", url: "https://bugzilla.suse.com/1233188", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50224", }, { cve: "CVE-2024-50225", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50225", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix error propagation of split bios\n\nThe purpose of btrfs_bbio_propagate_error() shall be propagating an error\nof split bio to its original btrfs_bio, and tell the error to the upper\nlayer. However, it's not working well on some cases.\n\n* Case 1. Immediate (or quick) end_bio with an error\n\nWhen btrfs sends btrfs_bio to mirrored devices, btrfs calls\nbtrfs_bio_end_io() when all the mirroring bios are completed. If that\nbtrfs_bio was split, it is from btrfs_clone_bioset and its end_io function\nis btrfs_orig_write_end_io. For this case, btrfs_bbio_propagate_error()\naccesses the orig_bbio's bio context to increase the error count.\n\nThat works well in most cases. However, if the end_io is called enough\nfast, orig_bbio's (remaining part after split) bio context may not be\nproperly set at that time. Since the bio context is set when the orig_bbio\n(the last btrfs_bio) is sent to devices, that might be too late for earlier\nsplit btrfs_bio's completion. That will result in NULL pointer\ndereference.\n\nThat bug is easily reproducible by running btrfs/146 on zoned devices [1]\nand it shows the following trace.\n\n[1] You need raid-stripe-tree feature as it create \"-d raid0 -m raid1\" FS.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 UID: 0 PID: 13 Comm: kworker/u32:1 Not tainted 6.11.0-rc7-BTRFS-ZNS+ #474\n Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n Workqueue: writeback wb_workfn (flush-btrfs-5)\n RIP: 0010:btrfs_bio_end_io+0xae/0xc0 [btrfs]\n BTRFS error (device dm-0): bdev /dev/mapper/error-test errs: wr 2, rd 0, flush 0, corrupt 0, gen 0\n RSP: 0018:ffffc9000006f248 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff888005a7f080 RCX: ffffc9000006f1dc\n RDX: 0000000000000000 RSI: 000000000000000a RDI: ffff888005a7f080\n RBP: ffff888011dfc540 R08: 0000000000000000 R09: 0000000000000001\n R10: ffffffff82e508e0 R11: 0000000000000005 R12: ffff88800ddfbe58\n R13: ffff888005a7f080 R14: ffff888005a7f158 R15: ffff888005a7f158\n FS: 0000000000000000(0000) GS:ffff88803ea80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000020 CR3: 0000000002e22006 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n ? __die_body.cold+0x19/0x26\n ? page_fault_oops+0x13e/0x2b0\n ? _printk+0x58/0x73\n ? do_user_addr_fault+0x5f/0x750\n ? exc_page_fault+0x76/0x240\n ? asm_exc_page_fault+0x22/0x30\n ? btrfs_bio_end_io+0xae/0xc0 [btrfs]\n ? btrfs_log_dev_io_error+0x7f/0x90 [btrfs]\n btrfs_orig_write_end_io+0x51/0x90 [btrfs]\n dm_submit_bio+0x5c2/0xa50 [dm_mod]\n ? find_held_lock+0x2b/0x80\n ? blk_try_enter_queue+0x90/0x1e0\n __submit_bio+0xe0/0x130\n ? ktime_get+0x10a/0x160\n ? lockdep_hardirqs_on+0x74/0x100\n submit_bio_noacct_nocheck+0x199/0x410\n btrfs_submit_bio+0x7d/0x150 [btrfs]\n btrfs_submit_chunk+0x1a1/0x6d0 [btrfs]\n ? lockdep_hardirqs_on+0x74/0x100\n ? __folio_start_writeback+0x10/0x2c0\n btrfs_submit_bbio+0x1c/0x40 [btrfs]\n submit_one_bio+0x44/0x60 [btrfs]\n submit_extent_folio+0x13f/0x330 [btrfs]\n ? btrfs_set_range_writeback+0xa3/0xd0 [btrfs]\n extent_writepage_io+0x18b/0x360 [btrfs]\n extent_write_locked_range+0x17c/0x340 [btrfs]\n ? __pfx_end_bbio_data_write+0x10/0x10 [btrfs]\n run_delalloc_cow+0x71/0xd0 [btrfs]\n btrfs_run_delalloc_range+0x176/0x500 [btrfs]\n ? find_lock_delalloc_range+0x119/0x260 [btrfs]\n writepage_delalloc+0x2ab/0x480 [btrfs]\n extent_write_cache_pages+0x236/0x7d0 [btrfs]\n btrfs_writepages+0x72/0x130 [btrfs]\n do_writepages+0xd4/0x240\n ? find_held_lock+0x2b/0x80\n ? wbc_attach_and_unlock_inode+0x12c/0x290\n ? wbc_attach_and_unlock_inode+0x12c/0x29\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50225", url: "https://www.suse.com/security/cve/CVE-2024-50225", }, { category: "external", summary: "SUSE Bug 1233193 for CVE-2024-50225", url: "https://bugzilla.suse.com/1233193", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50225", }, { cve: "CVE-2024-50226", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50226", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/port: Fix use-after-free, permit out-of-order decoder shutdown\n\nIn support of investigating an initialization failure report [1],\ncxl_test was updated to register mock memory-devices after the mock\nroot-port/bus device had been registered. That led to cxl_test crashing\nwith a use-after-free bug with the following signature:\n\n cxl_port_attach_region: cxl region3: cxl_host_bridge.0:port3 decoder3.0 add: mem0:decoder7.0 @ 0 next: cxl_switch_uport.0 nr_eps: 1 nr_targets: 1\n cxl_port_attach_region: cxl region3: cxl_host_bridge.0:port3 decoder3.0 add: mem4:decoder14.0 @ 1 next: cxl_switch_uport.0 nr_eps: 2 nr_targets: 1\n cxl_port_setup_targets: cxl region3: cxl_switch_uport.0:port6 target[0] = cxl_switch_dport.0 for mem0:decoder7.0 @ 0\n1) cxl_port_setup_targets: cxl region3: cxl_switch_uport.0:port6 target[1] = cxl_switch_dport.4 for mem4:decoder14.0 @ 1\n [..]\n cxld_unregister: cxl decoder14.0:\n cxl_region_decode_reset: cxl_region region3:\n mock_decoder_reset: cxl_port port3: decoder3.0 reset\n2) mock_decoder_reset: cxl_port port3: decoder3.0: out of order reset, expected decoder3.1\n cxl_endpoint_decoder_release: cxl decoder14.0:\n [..]\n cxld_unregister: cxl decoder7.0:\n3) cxl_region_decode_reset: cxl_region region3:\n Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6bc3: 0000 [#1] PREEMPT SMP PTI\n [..]\n RIP: 0010:to_cxl_port+0x8/0x60 [cxl_core]\n [..]\n Call Trace:\n <TASK>\n cxl_region_decode_reset+0x69/0x190 [cxl_core]\n cxl_region_detach+0xe8/0x210 [cxl_core]\n cxl_decoder_kill_region+0x27/0x40 [cxl_core]\n cxld_unregister+0x5d/0x60 [cxl_core]\n\nAt 1) a region has been established with 2 endpoint decoders (7.0 and\n14.0). Those endpoints share a common switch-decoder in the topology\n(3.0). At teardown, 2), decoder14.0 is the first to be removed and hits\nthe \"out of order reset case\" in the switch decoder. The effect though\nis that region3 cleanup is aborted leaving it in-tact and\nreferencing decoder14.0. At 3) the second attempt to teardown region3\ntrips over the stale decoder14.0 object which has long since been\ndeleted.\n\nThe fix here is to recognize that the CXL specification places no\nmandate on in-order shutdown of switch-decoders, the driver enforces\nin-order allocation, and hardware enforces in-order commit. So, rather\nthan fail and leave objects dangling, always remove them.\n\nIn support of making cxl_region_decode_reset() always succeed,\ncxl_region_invalidate_memregion() failures are turned into warnings.\nCrashing the kernel is ok there since system integrity is at risk if\ncaches cannot be managed around physical address mutation events like\nCXL region destruction.\n\nA new device_for_each_child_reverse_from() is added to cleanup\nport->commit_end after all dependent decoders have been disabled. In\nother words if decoders are allocated 0->1->2 and disabled 1->2->0 then\nport->commit_end only decrements from 2 after 2 has been disabled, and\nit decrements all the way to zero since 1 was disabled previously.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50226", url: "https://www.suse.com/security/cve/CVE-2024-50226", }, { category: "external", summary: "SUSE Bug 1233195 for CVE-2024-50226", url: "https://bugzilla.suse.com/1233195", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50226", }, { cve: "CVE-2024-50227", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50227", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan()\n\nKASAN reported following issue:\n\n BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderbolt]\n Read of size 4 at addr ffff88810111fc1c by task kworker/u56:0/11\n CPU: 0 UID: 0 PID: 11 Comm: kworker/u56:0 Tainted: G U 6.11.0+ #1387\n Tainted: [U]=USER\n Workqueue: thunderbolt0 tb_handle_hotplug [thunderbolt]\n Call Trace:\n <TASK>\n dump_stack_lvl+0x6c/0x90\n print_report+0xd1/0x630\n kasan_report+0xdb/0x110\n __asan_report_load4_noabort+0x14/0x20\n tb_retimer_scan+0xffe/0x1550 [thunderbolt]\n tb_scan_port+0xa6f/0x2060 [thunderbolt]\n tb_handle_hotplug+0x17b1/0x3080 [thunderbolt]\n process_one_work+0x626/0x1100\n worker_thread+0x6c8/0xfa0\n kthread+0x2c8/0x3a0\n ret_from_fork+0x3a/0x80\n ret_from_fork_asm+0x1a/0x30\n\nThis happens because the loop variable still gets incremented by one so\nmax becomes 3 instead of 2, and this makes the second loop read past the\nthe array declared on the stack.\n\nFix this by assigning to max directly in the loop body.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50227", url: "https://www.suse.com/security/cve/CVE-2024-50227", }, { category: "external", summary: "SUSE Bug 1233181 for CVE-2024-50227", url: "https://bugzilla.suse.com/1233181", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50227", }, { cve: "CVE-2024-50228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50228", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50228", url: "https://www.suse.com/security/cve/CVE-2024-50228", }, { category: "external", summary: "SUSE Bug 1233204 for CVE-2024-50228", url: "https://bugzilla.suse.com/1233204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "low", }, ], title: "CVE-2024-50228", }, { cve: "CVE-2024-50229", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50229", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential deadlock with newly created symlinks\n\nSyzbot reported that page_symlink(), called by nilfs_symlink(), triggers\nmemory reclamation involving the filesystem layer, which can result in\ncircular lock dependencies among the reader/writer semaphore\nnilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the\nfs_reclaim pseudo lock.\n\nThis is because after commit 21fc61c73c39 (\"don't put symlink bodies in\npagecache into highmem\"), the gfp flags of the page cache for symbolic\nlinks are overwritten to GFP_KERNEL via inode_nohighmem().\n\nThis is not a problem for symlinks read from the backing device, because\nthe __GFP_FS flag is dropped after inode_nohighmem() is called. However,\nwhen a new symlink is created with nilfs_symlink(), the gfp flags remain\noverwritten to GFP_KERNEL. Then, memory allocation called from\npage_symlink() etc. triggers memory reclamation including the FS layer,\nwhich may call nilfs_evict_inode() or nilfs_dirty_inode(). And these can\ncause a deadlock if they are called while nilfs->ns_segctor_sem is held:\n\nFix this issue by dropping the __GFP_FS flag from the page cache GFP flags\nof newly created symlinks in the same way that nilfs_new_inode() and\n__nilfs_read_inode() do, as a workaround until we adopt nofs allocation\nscope consistently or improve the locking constraints.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50229", url: "https://www.suse.com/security/cve/CVE-2024-50229", }, { category: "external", summary: "SUSE Bug 1233205 for CVE-2024-50229", url: "https://bugzilla.suse.com/1233205", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50229", }, { cve: "CVE-2024-50230", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50230", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix kernel bug due to missing clearing of checked flag\n\nSyzbot reported that in directory operations after nilfs2 detects\nfilesystem corruption and degrades to read-only,\n__block_write_begin_int(), which is called to prepare block writes, may\nfail the BUG_ON check for accesses exceeding the folio/page size,\ntriggering a kernel bug.\n\nThis was found to be because the \"checked\" flag of a page/folio was not\ncleared when it was discarded by nilfs2's own routine, which causes the\nsanity check of directory entries to be skipped when the directory\npage/folio is reloaded. So, fix that.\n\nThis was necessary when the use of nilfs2's own page discard routine was\napplied to more than just metadata files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50230", url: "https://www.suse.com/security/cve/CVE-2024-50230", }, { category: "external", summary: "SUSE Bug 1233206 for CVE-2024-50230", url: "https://bugzilla.suse.com/1233206", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50230", }, { cve: "CVE-2024-50231", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50231", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table()\n\nmodprobe iio-test-gts and rmmod it, then the following memory leak\noccurs:\n\n\tunreferenced object 0xffffff80c810be00 (size 64):\n\t comm \"kunit_try_catch\", pid 1654, jiffies 4294913981\n\t hex dump (first 32 bytes):\n\t 02 00 00 00 08 00 00 00 20 00 00 00 40 00 00 00 ........ ...@...\n\t 80 00 00 00 00 02 00 00 00 04 00 00 00 08 00 00 ................\n\t backtrace (crc a63d875e):\n\t [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40\n\t [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0\n\t [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4\n\t [<0000000071bb4b09>] 0xffffffdf052a62e0\n\t [<000000000315bc18>] 0xffffffdf052a6488\n\t [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000f505065d>] kthread+0x2e8/0x374\n\t [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cbfe9e70 (size 16):\n\t comm \"kunit_try_catch\", pid 1658, jiffies 4294914015\n\t hex dump (first 16 bytes):\n\t 10 00 00 00 40 00 00 00 80 00 00 00 00 00 00 00 ....@...........\n\t backtrace (crc 857f0cb4):\n\t [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40\n\t [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0\n\t [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4\n\t [<0000000071bb4b09>] 0xffffffdf052a62e0\n\t [<000000007d089d45>] 0xffffffdf052a6864\n\t [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000f505065d>] kthread+0x2e8/0x374\n\t [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20\n\t......\n\nIt includes 5*5 times \"size 64\" memory leaks, which correspond to 5 times\ntest_init_iio_gain_scale() calls with gts_test_gains size 10 (10*size(int))\nand gts_test_itimes size 5. It also includes 5*1 times \"size 16\"\nmemory leak, which correspond to one time __test_init_iio_gain_scale()\ncall with gts_test_gains_gain_low size 3 (3*size(int)) and gts_test_itimes\nsize 5.\n\nThe reason is that the per_time_gains[i] is not freed which is allocated in\nthe \"gts->num_itime\" for loop in iio_gts_build_avail_scale_table().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50231", url: "https://www.suse.com/security/cve/CVE-2024-50231", }, { category: "external", summary: "SUSE Bug 1233208 for CVE-2024-50231", url: "https://bugzilla.suse.com/1233208", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50231", }, { cve: "CVE-2024-50232", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50232", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()\n\nIn the ad7124_write_raw() function, parameter val can potentially\nbe zero. This may lead to a division by zero when DIV_ROUND_CLOSEST()\nis called within ad7124_set_channel_odr(). The ad7124_write_raw()\nfunction is invoked through the sequence: iio_write_channel_raw() ->\niio_write_channel_attribute() -> iio_channel_write(), with no checks\nin place to ensure val is non-zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50232", url: "https://www.suse.com/security/cve/CVE-2024-50232", }, { category: "external", summary: "SUSE Bug 1233209 for CVE-2024-50232", url: "https://bugzilla.suse.com/1233209", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50232", }, { cve: "CVE-2024-50233", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50233", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg()\n\nIn the ad9832_write_frequency() function, clk_get_rate() might return 0.\nThis can lead to a division by zero when calling ad9832_calc_freqreg().\nThe check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect\nagainst the case when fout is 0. The ad9832_write_frequency() function\nis called from ad9832_write(), and fout is derived from a text buffer,\nwhich can contain any value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50233", url: "https://www.suse.com/security/cve/CVE-2024-50233", }, { category: "external", summary: "SUSE Bug 1233210 for CVE-2024-50233", url: "https://bugzilla.suse.com/1233210", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50233", }, { cve: "CVE-2024-50234", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50234", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlegacy: Clear stale interrupts before resuming device\n\niwl4965 fails upon resume from hibernation on my laptop. The reason\nseems to be a stale interrupt which isn't being cleared out before\ninterrupts are enabled. We end up with a race beween the resume\ntrying to bring things back up, and the restart work (queued form\nthe interrupt handler) trying to bring things down. Eventually\nthe whole thing blows up.\n\nFix the problem by clearing out any stale interrupts before\ninterrupts get enabled during resume.\n\nHere's a debug log of the indicent:\n[ 12.042589] ieee80211 phy0: il_isr ISR inta 0x00000080, enabled 0xaa00008b, fh 0x00000000\n[ 12.042625] ieee80211 phy0: il4965_irq_tasklet inta 0x00000080, enabled 0x00000000, fh 0x00000000\n[ 12.042651] iwl4965 0000:10:00.0: RF_KILL bit toggled to enable radio.\n[ 12.042653] iwl4965 0000:10:00.0: On demand firmware reload\n[ 12.042690] ieee80211 phy0: il4965_irq_tasklet End inta 0x00000000, enabled 0xaa00008b, fh 0x00000000, flags 0x00000282\n[ 12.052207] ieee80211 phy0: il4965_mac_start enter\n[ 12.052212] ieee80211 phy0: il_prep_station Add STA to driver ID 31: ff:ff:ff:ff:ff:ff\n[ 12.052244] ieee80211 phy0: il4965_set_hw_ready hardware ready\n[ 12.052324] ieee80211 phy0: il_apm_init Init card's basic functions\n[ 12.052348] ieee80211 phy0: il_apm_init L1 Enabled; Disabling L0S\n[ 12.055727] ieee80211 phy0: il4965_load_bsm Begin load bsm\n[ 12.056140] ieee80211 phy0: il4965_verify_bsm Begin verify bsm\n[ 12.058642] ieee80211 phy0: il4965_verify_bsm BSM bootstrap uCode image OK\n[ 12.058721] ieee80211 phy0: il4965_load_bsm BSM write complete, poll 1 iterations\n[ 12.058734] ieee80211 phy0: __il4965_up iwl4965 is coming up\n[ 12.058737] ieee80211 phy0: il4965_mac_start Start UP work done.\n[ 12.058757] ieee80211 phy0: __il4965_down iwl4965 is going down\n[ 12.058761] ieee80211 phy0: il_scan_cancel_timeout Scan cancel timeout\n[ 12.058762] ieee80211 phy0: il_do_scan_abort Not performing scan to abort\n[ 12.058765] ieee80211 phy0: il_clear_ucode_stations Clearing ucode stations in driver\n[ 12.058767] ieee80211 phy0: il_clear_ucode_stations No active stations found to be cleared\n[ 12.058819] ieee80211 phy0: _il_apm_stop Stop card, put in low power state\n[ 12.058827] ieee80211 phy0: _il_apm_stop_master stop master\n[ 12.058864] ieee80211 phy0: il4965_clear_free_frames 0 frames on pre-allocated heap on clear.\n[ 12.058869] ieee80211 phy0: Hardware restart was requested\n[ 16.132299] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms.\n[ 16.132303] ------------[ cut here ]------------\n[ 16.132304] Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n[ 16.132338] WARNING: CPU: 0 PID: 181 at net/mac80211/util.c:1826 ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132390] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev\n[ 16.132456] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Not tainted 6.11.0-cl+ #143\n[ 16.132460] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010\n[ 16.132463] Workqueue: async async_run_entry_fn\n[ 16.132469] RIP: 0010:ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132501] Code: da 02 00 0\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50234", url: "https://www.suse.com/security/cve/CVE-2024-50234", }, { category: "external", summary: "SUSE Bug 1233211 for CVE-2024-50234", url: "https://bugzilla.suse.com/1233211", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50234", }, { cve: "CVE-2024-50235", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50235", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: clear wdev->cqm_config pointer on free\n\nWhen we free wdev->cqm_config when unregistering, we also\nneed to clear out the pointer since the same wdev/netdev\nmay get re-registered in another network namespace, then\ndestroyed later, running this code again, which results in\na double-free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50235", url: "https://www.suse.com/security/cve/CVE-2024-50235", }, { category: "external", summary: "SUSE Bug 1233176 for CVE-2024-50235", url: "https://bugzilla.suse.com/1233176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50235", }, { cve: "CVE-2024-50236", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50236", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: Fix memory leak in management tx\n\nIn the current logic, memory is allocated for storing the MSDU context\nduring management packet TX but this memory is not being freed during\nmanagement TX completion. Similar leaks are seen in the management TX\ncleanup logic.\n\nKmemleak reports this problem as below,\n\nunreferenced object 0xffffff80b64ed250 (size 16):\n comm \"kworker/u16:7\", pid 148, jiffies 4294687130 (age 714.199s)\n hex dump (first 16 bytes):\n 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t......\n backtrace:\n [<ffffffe6e7b245dc>] __kmem_cache_alloc_node+0x1e4/0x2d8\n [<ffffffe6e7adde88>] kmalloc_trace+0x48/0x110\n [<ffffffe6bbd765fc>] ath10k_wmi_tlv_op_gen_mgmt_tx_send+0xd4/0x1d8 [ath10k_core]\n [<ffffffe6bbd3eed4>] ath10k_mgmt_over_wmi_tx_work+0x134/0x298 [ath10k_core]\n [<ffffffe6e78d5974>] process_scheduled_works+0x1ac/0x400\n [<ffffffe6e78d60b8>] worker_thread+0x208/0x328\n [<ffffffe6e78dc890>] kthread+0x100/0x1c0\n [<ffffffe6e78166c0>] ret_from_fork+0x10/0x20\n\nFree the memory during completion and cleanup to fix the leak.\n\nProtect the mgmt_pending_tx idr_remove() operation in\nath10k_wmi_tlv_op_cleanup_mgmt_tx_send() using ar->data_lock similar to\nother instances.\n\nTested-on: WCN3990 hw1.0 SNOC WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50236", url: "https://www.suse.com/security/cve/CVE-2024-50236", }, { category: "external", summary: "SUSE Bug 1233212 for CVE-2024-50236", url: "https://bugzilla.suse.com/1233212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50236", }, { cve: "CVE-2024-50237", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50237", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: do not pass a stopped vif to the driver in .get_txpower\n\nAvoid potentially crashing in the driver because of uninitialized private data", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50237", url: "https://www.suse.com/security/cve/CVE-2024-50237", }, { category: "external", summary: "SUSE Bug 1233216 for CVE-2024-50237", url: "https://bugzilla.suse.com/1233216", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50237", }, { cve: "CVE-2024-50238", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50238", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom: qmp-usbc: fix NULL-deref on runtime suspend\n\nCommit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\")\nremoved most users of the platform device driver data from the\nqcom-qmp-usb driver, but mistakenly also removed the initialisation\ndespite the data still being used in the runtime PM callbacks. This bug\nwas later reproduced when the driver was copied to create the qmp-usbc\ndriver.\n\nRestore the driver data initialisation at probe to avoid a NULL-pointer\ndereference on runtime suspend.\n\nApparently no one uses runtime PM, which currently needs to be enabled\nmanually through sysfs, with these drivers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50238", url: "https://www.suse.com/security/cve/CVE-2024-50238", }, { category: "external", summary: "SUSE Bug 1233182 for CVE-2024-50238", url: "https://bugzilla.suse.com/1233182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50238", }, { cve: "CVE-2024-50239", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50239", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend\n\nCommit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\")\nremoved most users of the platform device driver data from the\nqcom-qmp-usb driver, but mistakenly also removed the initialisation\ndespite the data still being used in the runtime PM callbacks. This bug\nwas later reproduced when the driver was copied to create the\nqmp-usb-legacy driver.\n\nRestore the driver data initialisation at probe to avoid a NULL-pointer\ndereference on runtime suspend.\n\nApparently no one uses runtime PM, which currently needs to be enabled\nmanually through sysfs, with these drivers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50239", url: "https://www.suse.com/security/cve/CVE-2024-50239", }, { category: "external", summary: "SUSE Bug 1233180 for CVE-2024-50239", url: "https://bugzilla.suse.com/1233180", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50239", }, { cve: "CVE-2024-50240", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50240", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom: qmp-usb: fix NULL-deref on runtime suspend\n\nCommit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\")\nremoved most users of the platform device driver data, but mistakenly\nalso removed the initialisation despite the data still being used in the\nruntime PM callbacks.\n\nRestore the driver data initialisation at probe to avoid a NULL-pointer\ndereference on runtime suspend.\n\nApparently no one uses runtime PM, which currently needs to be enabled\nmanually through sysfs, with this driver.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50240", url: "https://www.suse.com/security/cve/CVE-2024-50240", }, { category: "external", summary: "SUSE Bug 1233217 for CVE-2024-50240", url: "https://bugzilla.suse.com/1233217", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50240", }, { cve: "CVE-2024-50241", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50241", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Initialize struct nfsd4_copy earlier\n\nEnsure the refcount and async_copies fields are initialized early.\ncleanup_async_copy() will reference these fields if an error occurs\nin nfsd4_copy(). If they are not correctly initialized, at the very\nleast, a refcount underflow occurs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50241", url: "https://www.suse.com/security/cve/CVE-2024-50241", }, { category: "external", summary: "SUSE Bug 1233187 for CVE-2024-50241", url: "https://bugzilla.suse.com/1233187", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50241", }, { cve: "CVE-2024-50242", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50242", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Additional check in ntfs_file_release", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50242", url: "https://www.suse.com/security/cve/CVE-2024-50242", }, { category: "external", summary: "SUSE Bug 1233268 for CVE-2024-50242", url: "https://bugzilla.suse.com/1233268", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50242", }, { cve: "CVE-2024-50243", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50243", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix general protection fault in run_is_mapped_full\n\nFixed deleating of a non-resident attribute in ntfs_create_inode()\nrollback.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50243", url: "https://www.suse.com/security/cve/CVE-2024-50243", }, { category: "external", summary: "SUSE Bug 1233269 for CVE-2024-50243", url: "https://bugzilla.suse.com/1233269", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50243", }, { cve: "CVE-2024-50244", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50244", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Additional check in ni_clear()\n\nChecking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to\nuninitialized bitmap during replay process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50244", url: "https://www.suse.com/security/cve/CVE-2024-50244", }, { category: "external", summary: "SUSE Bug 1233270 for CVE-2024-50244", url: "https://bugzilla.suse.com/1233270", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50244", }, { cve: "CVE-2024-50245", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50245", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix possible deadlock in mi_read\n\nMutex lock with another subclass used in ni_lock_dir().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50245", url: "https://www.suse.com/security/cve/CVE-2024-50245", }, { category: "external", summary: "SUSE Bug 1233203 for CVE-2024-50245", url: "https://bugzilla.suse.com/1233203", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50245", }, { cve: "CVE-2024-50246", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50246", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add rough attr alloc_size check", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50246", url: "https://www.suse.com/security/cve/CVE-2024-50246", }, { category: "external", summary: "SUSE Bug 1233207 for CVE-2024-50246", url: "https://bugzilla.suse.com/1233207", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50246", }, { cve: "CVE-2024-50247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50247", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Check if more than chunk-size bytes are written\n\nA incorrectly formatted chunk may decompress into\nmore than LZNT_CHUNK_SIZE bytes and a index out of bounds\nwill occur in s_max_off.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50247", url: "https://www.suse.com/security/cve/CVE-2024-50247", }, { category: "external", summary: "SUSE Bug 1233271 for CVE-2024-50247", url: "https://bugzilla.suse.com/1233271", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50247", }, { cve: "CVE-2024-50248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50248", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: Add bounds checking to mi_enum_attr()\n\nAdded bounds checking to make sure that every attr don't stray beyond\nvalid memory region.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50248", url: "https://www.suse.com/security/cve/CVE-2024-50248", }, { category: "external", summary: "SUSE Bug 1233219 for CVE-2024-50248", url: "https://bugzilla.suse.com/1233219", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50248", }, { cve: "CVE-2024-50249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50249", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Make rmw_lock a raw_spin_lock\n\nThe following BUG was triggered:\n\n=============================\n[ BUG: Invalid wait context ]\n6.12.0-rc2-XXX #406 Not tainted\n-----------------------------\nkworker/1:1/62 is trying to lock:\nffffff8801593030 (&cpc_ptr->rmw_lock){+.+.}-{3:3}, at: cpc_write+0xcc/0x370\nother info that might help us debug this:\ncontext-{5:5}\n2 locks held by kworker/1:1/62:\n #0: ffffff897ef5ec98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x50\n #1: ffffff880154e238 (&sg_policy->update_lock){....}-{2:2}, at: sugov_update_shared+0x3c/0x280\nstack backtrace:\nCPU: 1 UID: 0 PID: 62 Comm: kworker/1:1 Not tainted 6.12.0-rc2-g9654bd3e8806 #406\nWorkqueue: 0x0 (events)\nCall trace:\n dump_backtrace+0xa4/0x130\n show_stack+0x20/0x38\n dump_stack_lvl+0x90/0xd0\n dump_stack+0x18/0x28\n __lock_acquire+0x480/0x1ad8\n lock_acquire+0x114/0x310\n _raw_spin_lock+0x50/0x70\n cpc_write+0xcc/0x370\n cppc_set_perf+0xa0/0x3a8\n cppc_cpufreq_fast_switch+0x40/0xc0\n cpufreq_driver_fast_switch+0x4c/0x218\n sugov_update_shared+0x234/0x280\n update_load_avg+0x6ec/0x7b8\n dequeue_entities+0x108/0x830\n dequeue_task_fair+0x58/0x408\n __schedule+0x4f0/0x1070\n schedule+0x54/0x130\n worker_thread+0xc0/0x2e8\n kthread+0x130/0x148\n ret_from_fork+0x10/0x20\n\nsugov_update_shared() locks a raw_spinlock while cpc_write() locks a\nspinlock.\n\nTo have a correct wait-type order, update rmw_lock to a raw spinlock and\nensure that interrupts will be disabled on the CPU holding it.\n\n[ rjw: Changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50249", url: "https://www.suse.com/security/cve/CVE-2024-50249", }, { category: "external", summary: "SUSE Bug 1233197 for CVE-2024-50249", url: "https://bugzilla.suse.com/1233197", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50249", }, { cve: "CVE-2024-50250", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50250", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfsdax: dax_unshare_iter needs to copy entire blocks\n\nThe code that copies data from srcmap to iomap in dax_unshare_iter is\nvery very broken, which bfoster's recent fsx changes have exposed.\n\nIf the pos and len passed to dax_file_unshare are not aligned to an\nfsblock boundary, the iter pos and length in the _iter function will\nreflect this unalignment.\n\ndax_iomap_direct_access always returns a pointer to the start of the\nkmapped fsdax page, even if its pos argument is in the middle of that\npage. This is catastrophic for data integrity when iter->pos is not\naligned to a page, because daddr/saddr do not point to the same byte in\nthe file as iter->pos. Hence we corrupt user data by copying it to the\nwrong place.\n\nIf iter->pos + iomap_length() in the _iter function not aligned to a\npage, then we fail to copy a full block, and only partially populate the\ndestination block. This is catastrophic for data confidentiality\nbecause we expose stale pmem contents.\n\nFix both of these issues by aligning copy_pos/copy_len to a page\nboundary (remember, this is fsdax so 1 fsblock == 1 base page) so that\nwe always copy full blocks.\n\nWe're not done yet -- there's no call to invalidate_inode_pages2_range,\nso programs that have the file range mmap'd will continue accessing the\nold memory mapping after the file metadata updates have completed.\n\nBe careful with the return value -- if the unshare succeeds, we still\nneed to return the number of bytes that the iomap iter thinks we're\noperating on.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50250", url: "https://www.suse.com/security/cve/CVE-2024-50250", }, { category: "external", summary: "SUSE Bug 1233226 for CVE-2024-50250", url: "https://bugzilla.suse.com/1233226", }, { category: "external", summary: "SUSE Bug 1233227 for CVE-2024-50250", url: "https://bugzilla.suse.com/1233227", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50250", }, { cve: "CVE-2024-50251", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50251", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50251", url: "https://www.suse.com/security/cve/CVE-2024-50251", }, { category: "external", summary: "SUSE Bug 1233248 for CVE-2024-50251", url: "https://bugzilla.suse.com/1233248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50251", }, { cve: "CVE-2024-50252", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50252", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address\n\nThe device stores IPv6 addresses that are used for encapsulation in\nlinear memory that is managed by the driver.\n\nChanging the remote address of an ip6gre net device never worked\nproperly, but since cited commit the following reproducer [1] would\nresult in a warning [2] and a memory leak [3]. The problem is that the\nnew remote address is never added by the driver to its hash table (and\ntherefore the device) and the old address is never removed from it.\n\nFix by programming the new address when the configuration of the ip6gre\nnet device changes and removing the old one. If the address did not\nchange, then the above would result in increasing the reference count of\nthe address and then decreasing it.\n\n[1]\n # ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos inherit ttl inherit\n # ip link set dev bla type ip6gre remote 2001:db8:3::1\n # ip link del dev bla\n # devlink dev reload pci/0000:01:00.0\n\n[2]\nWARNING: CPU: 0 PID: 1682 at drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0\nModules linked in:\nCPU: 0 UID: 0 PID: 1682 Comm: ip Not tainted 6.12.0-rc3-custom-g86b5b55bc835 #151\nHardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023\nRIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0\n[...]\nCall Trace:\n <TASK>\n mlxsw_sp_router_netdevice_event+0x55f/0x1240\n notifier_call_chain+0x5a/0xd0\n call_netdevice_notifiers_info+0x39/0x90\n unregister_netdevice_many_notify+0x63e/0x9d0\n rtnl_dellink+0x16b/0x3a0\n rtnetlink_rcv_msg+0x142/0x3f0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x242/0x390\n netlink_sendmsg+0x1de/0x420\n ____sys_sendmsg+0x2bd/0x320\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xd0\n do_syscall_64+0x9e/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[3]\nunreferenced object 0xffff898081f597a0 (size 32):\n comm \"ip\", pid 1626, jiffies 4294719324\n hex dump (first 32 bytes):\n 20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01 ...............\n 21 49 61 83 80 89 ff ff 00 00 00 00 01 00 00 00 !Ia.............\n backtrace (crc fd9be911):\n [<00000000df89c55d>] __kmalloc_cache_noprof+0x1da/0x260\n [<00000000ff2a1ddb>] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340\n [<000000009ddd445d>] mlxsw_sp_router_netdevice_event+0x47b/0x1240\n [<00000000743e7757>] notifier_call_chain+0x5a/0xd0\n [<000000007c7b9e13>] call_netdevice_notifiers_info+0x39/0x90\n [<000000002509645d>] register_netdevice+0x5f7/0x7a0\n [<00000000c2e7d2a9>] ip6gre_newlink_common.isra.0+0x65/0x130\n [<0000000087cd6d8d>] ip6gre_newlink+0x72/0x120\n [<000000004df7c7cc>] rtnl_newlink+0x471/0xa20\n [<0000000057ed632a>] rtnetlink_rcv_msg+0x142/0x3f0\n [<0000000032e0d5b5>] netlink_rcv_skb+0x50/0x100\n [<00000000908bca63>] netlink_unicast+0x242/0x390\n [<00000000cdbe1c87>] netlink_sendmsg+0x1de/0x420\n [<0000000011db153e>] ____sys_sendmsg+0x2bd/0x320\n [<000000003b6d53eb>] ___sys_sendmsg+0x9a/0xe0\n [<00000000cae27c62>] __sys_sendmsg+0x7a/0xd0", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50252", url: "https://www.suse.com/security/cve/CVE-2024-50252", }, { category: "external", summary: "SUSE Bug 1233201 for CVE-2024-50252", url: "https://bugzilla.suse.com/1233201", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50252", }, { cve: "CVE-2024-50253", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50253", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check the validity of nr_words in bpf_iter_bits_new()\n\nCheck the validity of nr_words in bpf_iter_bits_new(). Without this\ncheck, when multiplication overflow occurs for nr_bits (e.g., when\nnr_words = 0x0400-0001, nr_bits becomes 64), stack corruption may occur\ndue to bpf_probe_read_kernel_common(..., nr_bytes = 0x2000-0008).\n\nFix it by limiting the maximum value of nr_words to 511. The value is\nderived from the current implementation of BPF memory allocator. To\nensure compatibility if the BPF memory allocator's size limitation\nchanges in the future, use the helper bpf_mem_alloc_check_size() to\ncheck whether nr_bytes is too larger. And return -E2BIG instead of\n-ENOMEM for oversized nr_bytes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50253", url: "https://www.suse.com/security/cve/CVE-2024-50253", }, { category: "external", summary: "SUSE Bug 1233186 for CVE-2024-50253", url: "https://bugzilla.suse.com/1233186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50253", }, { cve: "CVE-2024-50254", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50254", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Free dynamically allocated bits in bpf_iter_bits_destroy()\n\nbpf_iter_bits_destroy() uses \"kit->nr_bits <= 64\" to check whether the\nbits are dynamically allocated. However, the check is incorrect and may\ncause a kmemleak as shown below:\n\nunreferenced object 0xffff88812628c8c0 (size 32):\n comm \"swapper/0\", pid 1, jiffies 4294727320\n hex dump (first 32 bytes):\n\tb0 c1 55 f5 81 88 ff ff f0 f0 f0 f0 f0 f0 f0 f0 ..U...........\n\tf0 f0 f0 f0 f0 f0 f0 f0 00 00 00 00 00 00 00 00 ..............\n backtrace (crc 781e32cc):\n\t[<00000000c452b4ab>] kmemleak_alloc+0x4b/0x80\n\t[<0000000004e09f80>] __kmalloc_node_noprof+0x480/0x5c0\n\t[<00000000597124d6>] __alloc.isra.0+0x89/0xb0\n\t[<000000004ebfffcd>] alloc_bulk+0x2af/0x720\n\t[<00000000d9c10145>] prefill_mem_cache+0x7f/0xb0\n\t[<00000000ff9738ff>] bpf_mem_alloc_init+0x3e2/0x610\n\t[<000000008b616eac>] bpf_global_ma_init+0x19/0x30\n\t[<00000000fc473efc>] do_one_initcall+0xd3/0x3c0\n\t[<00000000ec81498c>] kernel_init_freeable+0x66a/0x940\n\t[<00000000b119f72f>] kernel_init+0x20/0x160\n\t[<00000000f11ac9a7>] ret_from_fork+0x3c/0x70\n\t[<0000000004671da4>] ret_from_fork_asm+0x1a/0x30\n\nThat is because nr_bits will be set as zero in bpf_iter_bits_next()\nafter all bits have been iterated.\n\nFix the issue by setting kit->bit to kit->nr_bits instead of setting\nkit->nr_bits to zero when the iteration completes in\nbpf_iter_bits_next(). In addition, use \"!nr_bits || bits >= nr_bits\" to\ncheck whether the iteration is complete and still use \"nr_bits > 64\" to\nindicate whether bits are dynamically allocated. The \"!nr_bits\" check is\nnecessary because bpf_iter_bits_new() may fail before setting\nkit->nr_bits, and this condition will stop the iteration early instead\nof accessing the zeroed or freed kit->bits.\n\nConsidering the initial value of kit->bits is -1 and the type of\nkit->nr_bits is unsigned int, change the type of kit->nr_bits to int.\nThe potential overflow problem will be handled in the following patch.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50254", url: "https://www.suse.com/security/cve/CVE-2024-50254", }, { category: "external", summary: "SUSE Bug 1233183 for CVE-2024-50254", url: "https://bugzilla.suse.com/1233183", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50254", }, { cve: "CVE-2024-50255", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50255", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs\n\nFix __hci_cmd_sync_sk() to return not NULL for unknown opcodes.\n\n__hci_cmd_sync_sk() returns NULL if a command returns a status event.\nHowever, it also returns NULL where an opcode doesn't exist in the\nhci_cc table because hci_cmd_complete_evt() assumes status = skb->data[0]\nfor unknown opcodes.\nThis leads to null-ptr-deref in cmd_sync for HCI_OP_READ_LOCAL_CODECS as\nthere is no hci_cc for HCI_OP_READ_LOCAL_CODECS, which always assumes\nstatus = skb->data[0].\n\nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]\nCPU: 1 PID: 2000 Comm: kworker/u9:5 Not tainted 6.9.0-ga6bcb805883c-dirty #10\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: hci7 hci_power_on\nRIP: 0010:hci_read_supported_codecs+0xb9/0x870 net/bluetooth/hci_codec.c:138\nCode: 08 48 89 ef e8 b8 c1 8f fd 48 8b 75 00 e9 96 00 00 00 49 89 c6 48 ba 00 00 00 00 00 fc ff df 4c 8d 60 70 4c 89 e3 48 c1 eb 03 <0f> b6 04 13 84 c0 0f 85 82 06 00 00 41 83 3c 24 02 77 0a e8 bf 78\nRSP: 0018:ffff888120bafac8 EFLAGS: 00010212\nRAX: 0000000000000000 RBX: 000000000000000e RCX: ffff8881173f0040\nRDX: dffffc0000000000 RSI: ffffffffa58496c0 RDI: ffff88810b9ad1e4\nRBP: ffff88810b9ac000 R08: ffffffffa77882a7 R09: 1ffffffff4ef1054\nR10: dffffc0000000000 R11: fffffbfff4ef1055 R12: 0000000000000070\nR13: 0000000000000000 R14: 0000000000000000 R15: ffff88810b9ac000\nFS: 0000000000000000(0000) GS:ffff8881f6c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f6ddaa3439e CR3: 0000000139764003 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n <TASK>\n hci_read_local_codecs_sync net/bluetooth/hci_sync.c:4546 [inline]\n hci_init_stage_sync net/bluetooth/hci_sync.c:3441 [inline]\n hci_init4_sync net/bluetooth/hci_sync.c:4706 [inline]\n hci_init_sync net/bluetooth/hci_sync.c:4742 [inline]\n hci_dev_init_sync net/bluetooth/hci_sync.c:4912 [inline]\n hci_dev_open_sync+0x19a9/0x2d30 net/bluetooth/hci_sync.c:4994\n hci_dev_do_open net/bluetooth/hci_core.c:483 [inline]\n hci_power_on+0x11e/0x560 net/bluetooth/hci_core.c:1015\n process_one_work kernel/workqueue.c:3267 [inline]\n process_scheduled_works+0x8ef/0x14f0 kernel/workqueue.c:3348\n worker_thread+0x91f/0xe50 kernel/workqueue.c:3429\n kthread+0x2cb/0x360 kernel/kthread.c:388\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50255", url: "https://www.suse.com/security/cve/CVE-2024-50255", }, { category: "external", summary: "SUSE Bug 1233238 for CVE-2024-50255", url: "https://bugzilla.suse.com/1233238", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50255", }, { cve: "CVE-2024-50256", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50256", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()\n\nI got a syzbot report without a repro [1] crashing in nf_send_reset6()\n\nI think the issue is that dev->hard_header_len is zero, and we attempt\nlater to push an Ethernet header.\n\nUse LL_MAX_HEADER, as other functions in net/ipv6/netfilter/nf_reject_ipv6.c.\n\n[1]\n\nskbuff: skb_under_panic: text:ffffffff89b1d008 len:74 put:14 head:ffff88803123aa00 data:ffff88803123a9f2 tail:0x3c end:0x140 dev:syz_tun\n kernel BUG at net/core/skbuff.c:206 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 7373 Comm: syz.1.568 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]\n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216\nCode: 0d 8d 48 c7 c6 60 a6 29 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 ba 30 38 02 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3\nRSP: 0018:ffffc900045269b0 EFLAGS: 00010282\nRAX: 0000000000000088 RBX: dffffc0000000000 RCX: cd66dacdc5d8e800\nRDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000\nRBP: ffff88802d39a3d0 R08: ffffffff8174afec R09: 1ffff920008a4ccc\nR10: dffffc0000000000 R11: fffff520008a4ccd R12: 0000000000000140\nR13: ffff88803123aa00 R14: ffff88803123a9f2 R15: 000000000000003c\nFS: 00007fdbee5ff6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 000000005d322000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n skb_push+0xe5/0x100 net/core/skbuff.c:2636\n eth_header+0x38/0x1f0 net/ethernet/eth.c:83\n dev_hard_header include/linux/netdevice.h:3208 [inline]\n nf_send_reset6+0xce6/0x1270 net/ipv6/netfilter/nf_reject_ipv6.c:358\n nft_reject_inet_eval+0x3b9/0x690 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x418/0x6b0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n br_nf_pre_routing_ipv6+0x63e/0x770 net/bridge/br_netfilter_ipv6.c:184\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_bridge_pre net/bridge/br_input.c:277 [inline]\n br_handle_frame+0x9fd/0x1530 net/bridge/br_input.c:424\n __netif_receive_skb_core+0x13e8/0x4570 net/core/dev.c:5562\n __netif_receive_skb_one_core net/core/dev.c:5666 [inline]\n __netif_receive_skb+0x12f/0x650 net/core/dev.c:5781\n netif_receive_skb_internal net/core/dev.c:5867 [inline]\n netif_receive_skb+0x1e8/0x890 net/core/dev.c:5926\n tun_rx_batched+0x1b7/0x8f0 drivers/net/tun.c:1550\n tun_get_user+0x3056/0x47e0 drivers/net/tun.c:2007\n tun_chr_write_iter+0x10d/0x1f0 drivers/net/tun.c:2053\n new_sync_write fs/read_write.c:590 [inline]\n vfs_write+0xa6d/0xc90 fs/read_write.c:683\n ksys_write+0x183/0x2b0 fs/read_write.c:736\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fdbeeb7d1ff\nCode: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48\nRSP: 002b:00007fdbee5ff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fdbeed36058 RCX: 00007fdbeeb7d1ff\nRDX: 000000000000008e RSI: 0000000020000040 RDI: 00000000000000c8\nRBP: 00007fdbeebf12be R08: 0000000\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50256", url: "https://www.suse.com/security/cve/CVE-2024-50256", }, { category: "external", summary: "SUSE Bug 1233200 for CVE-2024-50256", url: "https://bugzilla.suse.com/1233200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50256", }, { cve: "CVE-2024-50257", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50257", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: Fix use-after-free in get_info()\n\nip6table_nat module unload has refcnt warning for UAF. call trace is:\n\nWARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80\nModules linked in: ip6table_nat(-)\nCPU: 1 UID: 0 PID: 379 Comm: ip6tables Not tainted 6.12.0-rc4-00047-gc2ee9f594da8-dirty #205\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:module_put+0x6f/0x80\nCall Trace:\n <TASK>\n get_info+0x128/0x180\n do_ip6t_get_ctl+0x6a/0x430\n nf_getsockopt+0x46/0x80\n ipv6_getsockopt+0xb9/0x100\n rawv6_getsockopt+0x42/0x190\n do_sock_getsockopt+0xaa/0x180\n __sys_getsockopt+0x70/0xc0\n __x64_sys_getsockopt+0x20/0x30\n do_syscall_64+0xa2/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nConcurrent execution of module unload and get_info() trigered the warning.\nThe root cause is as follows:\n\ncpu0\t\t\t\t cpu1\nmodule_exit\n//mod->state = MODULE_STATE_GOING\n ip6table_nat_exit\n xt_unregister_template\n\tkfree(t)\n\t//removed from templ_list\n\t\t\t\t getinfo()\n\t\t\t\t\t t = xt_find_table_lock\n\t\t\t\t\t\tlist_for_each_entry(tmpl, &xt_templates[af]...)\n\t\t\t\t\t\t\tif (strcmp(tmpl->name, name))\n\t\t\t\t\t\t\t\tcontinue; //table not found\n\t\t\t\t\t\t\ttry_module_get\n\t\t\t\t\t\tlist_for_each_entry(t, &xt_net->tables[af]...)\n\t\t\t\t\t\t\treturn t; //not get refcnt\n\t\t\t\t\t module_put(t->me) //uaf\n unregister_pernet_subsys\n //remove table from xt_net list\n\nWhile xt_table module was going away and has been removed from\nxt_templates list, we couldnt get refcnt of xt_table->me. Check\nmodule in xt_net->tables list re-traversal to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50257", url: "https://www.suse.com/security/cve/CVE-2024-50257", }, { category: "external", summary: "SUSE Bug 1233244 for CVE-2024-50257", url: "https://bugzilla.suse.com/1233244", }, { category: "external", summary: "SUSE Bug 1233245 for CVE-2024-50257", url: "https://bugzilla.suse.com/1233245", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50257", }, { cve: "CVE-2024-50258", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50258", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix crash when config small gso_max_size/gso_ipv4_max_size\n\nConfig a small gso_max_size/gso_ipv4_max_size will lead to an underflow\nin sk_dst_gso_max_size(), which may trigger a BUG_ON crash,\nbecause sk->sk_gso_max_size would be much bigger than device limits.\nCall Trace:\ntcp_write_xmit\n tso_segs = tcp_init_tso_segs(skb, mss_now);\n tcp_set_skb_tso_segs\n tcp_skb_pcount_set\n // skb->len = 524288, mss_now = 8\n // u16 tso_segs = 524288/8 = 65535 -> 0\n tso_segs = DIV_ROUND_UP(skb->len, mss_now)\n BUG_ON(!tso_segs)\nAdd check for the minimum value of gso_max_size and gso_ipv4_max_size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50258", url: "https://www.suse.com/security/cve/CVE-2024-50258", }, { category: "external", summary: "SUSE Bug 1233221 for CVE-2024-50258", url: "https://bugzilla.suse.com/1233221", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50258", }, { cve: "CVE-2024-50259", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50259", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()\n\nThis was found by a static analyzer.\nWe should not forget the trailing zero after copy_from_user()\nif we will further do some string operations, sscanf() in this\ncase. Adding a trailing zero will ensure that the function\nperforms properly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50259", url: "https://www.suse.com/security/cve/CVE-2024-50259", }, { category: "external", summary: "SUSE Bug 1233214 for CVE-2024-50259", url: "https://bugzilla.suse.com/1233214", }, { category: "external", summary: "SUSE Bug 1233215 for CVE-2024-50259", url: "https://bugzilla.suse.com/1233215", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50259", }, { cve: "CVE-2024-50260", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50260", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsock_map: fix a NULL pointer dereference in sock_map_link_update_prog()\n\nThe following race condition could trigger a NULL pointer dereference:\n\nsock_map_link_detach():\t\tsock_map_link_update_prog():\n mutex_lock(&sockmap_mutex);\n ...\n sockmap_link->map = NULL;\n mutex_unlock(&sockmap_mutex);\n \t\t\t\t mutex_lock(&sockmap_mutex);\n\t\t\t\t ...\n\t\t\t\t sock_map_prog_link_lookup(sockmap_link->map);\n\t\t\t\t mutex_unlock(&sockmap_mutex);\n <continue>\n\nFix it by adding a NULL pointer check. In this specific case, it makes\nno sense to update a link which is being released.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50260", url: "https://www.suse.com/security/cve/CVE-2024-50260", }, { category: "external", summary: "SUSE Bug 1233178 for CVE-2024-50260", url: "https://bugzilla.suse.com/1233178", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50260", }, { cve: "CVE-2024-50261", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50261", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmacsec: Fix use-after-free while sending the offloading packet\n\nKASAN reports the following UAF. The metadata_dst, which is used to\nstore the SCI value for macsec offload, is already freed by\nmetadata_dst_free() in macsec_free_netdev(), while driver still use it\nfor sending the packet.\n\nTo fix this issue, dst_release() is used instead to release\nmetadata_dst. So it is not freed instantly in macsec_free_netdev() if\nstill referenced by skb.\n\n BUG: KASAN: slab-use-after-free in mlx5e_xmit+0x1e8f/0x4190 [mlx5_core]\n Read of size 2 at addr ffff88813e42e038 by task kworker/7:2/714\n [...]\n Workqueue: mld mld_ifc_work\n Call Trace:\n <TASK>\n dump_stack_lvl+0x51/0x60\n print_report+0xc1/0x600\n kasan_report+0xab/0xe0\n mlx5e_xmit+0x1e8f/0x4190 [mlx5_core]\n dev_hard_start_xmit+0x120/0x530\n sch_direct_xmit+0x149/0x11e0\n __qdisc_run+0x3ad/0x1730\n __dev_queue_xmit+0x1196/0x2ed0\n vlan_dev_hard_start_xmit+0x32e/0x510 [8021q]\n dev_hard_start_xmit+0x120/0x530\n __dev_queue_xmit+0x14a7/0x2ed0\n macsec_start_xmit+0x13e9/0x2340\n dev_hard_start_xmit+0x120/0x530\n __dev_queue_xmit+0x14a7/0x2ed0\n ip6_finish_output2+0x923/0x1a70\n ip6_finish_output+0x2d7/0x970\n ip6_output+0x1ce/0x3a0\n NF_HOOK.constprop.0+0x15f/0x190\n mld_sendpack+0x59a/0xbd0\n mld_ifc_work+0x48a/0xa80\n process_one_work+0x5aa/0xe50\n worker_thread+0x79c/0x1290\n kthread+0x28f/0x350\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x11/0x20\n </TASK>\n\n Allocated by task 3922:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0x77/0x90\n __kmalloc_noprof+0x188/0x400\n metadata_dst_alloc+0x1f/0x4e0\n macsec_newlink+0x914/0x1410\n __rtnl_newlink+0xe08/0x15b0\n rtnl_newlink+0x5f/0x90\n rtnetlink_rcv_msg+0x667/0xa80\n netlink_rcv_skb+0x12c/0x360\n netlink_unicast+0x551/0x770\n netlink_sendmsg+0x72d/0xbd0\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x52e/0x6a0\n ___sys_sendmsg+0xeb/0x170\n __sys_sendmsg+0xb5/0x140\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n Freed by task 4011:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x50\n poison_slab_object+0x10c/0x190\n __kasan_slab_free+0x11/0x30\n kfree+0xe0/0x290\n macsec_free_netdev+0x3f/0x140\n netdev_run_todo+0x450/0xc70\n rtnetlink_rcv_msg+0x66f/0xa80\n netlink_rcv_skb+0x12c/0x360\n netlink_unicast+0x551/0x770\n netlink_sendmsg+0x72d/0xbd0\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x52e/0x6a0\n ___sys_sendmsg+0xeb/0x170\n __sys_sendmsg+0xb5/0x140\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50261", url: "https://www.suse.com/security/cve/CVE-2024-50261", }, { category: "external", summary: "SUSE Bug 1233253 for CVE-2024-50261", url: "https://bugzilla.suse.com/1233253", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "important", }, ], title: "CVE-2024-50261", }, { cve: "CVE-2024-50262", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50262", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix out-of-bounds write in trie_get_next_key()\n\ntrie_get_next_key() allocates a node stack with size trie->max_prefixlen,\nwhile it writes (trie->max_prefixlen + 1) nodes to the stack when it has\nfull paths from the root to leaves. For example, consider a trie with\nmax_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ...\n0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with\n.prefixlen = 8 make 9 nodes be written on the node stack with size 8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50262", url: "https://www.suse.com/security/cve/CVE-2024-50262", }, { category: "external", summary: "SUSE Bug 1233239 for CVE-2024-50262", url: "https://bugzilla.suse.com/1233239", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50262", }, { cve: "CVE-2024-50263", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50263", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfork: only invoke khugepaged, ksm hooks if no error\n\nThere is no reason to invoke these hooks early against an mm that is in an\nincomplete state.\n\nThe change in commit d24062914837 (\"fork: use __mt_dup() to duplicate\nmaple tree in dup_mmap()\") makes this more pertinent as we may be in a\nstate where entries in the maple tree are not yet consistent.\n\nTheir placement early in dup_mmap() only appears to have been meaningful\nfor early error checking, and since functionally it'd require a very small\nallocation to fail (in practice 'too small to fail') that'd only occur in\nthe most dire circumstances, meaning the fork would fail or be OOM'd in\nany case.\n\nSince both khugepaged and KSM tracking are there to provide optimisations\nto memory performance rather than critical functionality, it doesn't\nreally matter all that much if, under such dire memory pressure, we fail\nto register an mm with these.\n\nAs a result, we follow the example of commit d2081b2bf819 (\"mm:\nkhugepaged: make khugepaged_enter() void function\") and make ksm_fork() a\nvoid function also.\n\nWe only expose the mm to these functions once we are done with them and\nonly if no error occurred in the fork operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50263", url: "https://www.suse.com/security/cve/CVE-2024-50263", }, { category: "external", summary: "SUSE Bug 1233254 for CVE-2024-50263", url: "https://bugzilla.suse.com/1233254", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-macros-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-6.11.8-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.s390x", "openSUSE Tumbleweed:kernel-source-vanilla-6.11.8-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-11-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50263", }, ], }
opensuse-su-2025:14705-1
Vulnerability from csaf_opensuse
Published
2025-01-28 00:00
Modified
2025-01-28 00:00
Summary
kernel-devel-longterm-6.12.11-1.1 on GA media
Notes
Title of the patch
kernel-devel-longterm-6.12.11-1.1 on GA media
Description of the patch
These are all security issues fixed in the kernel-devel-longterm-6.12.11-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14705
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "kernel-devel-longterm-6.12.11-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the kernel-devel-longterm-6.12.11-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14705", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14705-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14705-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T7LN2FDZYBYZRLX5LOA3REDAXV7VKGW4/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14705-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T7LN2FDZYBYZRLX5LOA3REDAXV7VKGW4/", }, { category: "self", summary: "SUSE CVE CVE-2023-28746 page", url: "https://www.suse.com/security/cve/CVE-2023-28746/", }, { category: "self", summary: "SUSE CVE CVE-2023-47233 page", url: "https://www.suse.com/security/cve/CVE-2023-47233/", }, { category: "self", summary: "SUSE CVE CVE-2023-52429 page", url: "https://www.suse.com/security/cve/CVE-2023-52429/", }, { category: "self", summary: "SUSE CVE CVE-2023-52456 page", url: "https://www.suse.com/security/cve/CVE-2023-52456/", }, { category: "self", summary: "SUSE CVE CVE-2023-52457 page", url: "https://www.suse.com/security/cve/CVE-2023-52457/", }, { category: "self", summary: "SUSE CVE CVE-2023-52459 page", url: "https://www.suse.com/security/cve/CVE-2023-52459/", }, { category: "self", summary: "SUSE CVE CVE-2023-52461 page", url: "https://www.suse.com/security/cve/CVE-2023-52461/", }, { category: "self", summary: "SUSE CVE CVE-2023-52917 page", url: "https://www.suse.com/security/cve/CVE-2023-52917/", }, { category: "self", summary: "SUSE CVE CVE-2023-6270 page", url: "https://www.suse.com/security/cve/CVE-2023-6270/", }, { category: "self", summary: "SUSE CVE CVE-2023-6535 page", url: "https://www.suse.com/security/cve/CVE-2023-6535/", }, { category: "self", summary: "SUSE CVE CVE-2023-6536 page", url: "https://www.suse.com/security/cve/CVE-2023-6536/", }, { category: "self", summary: "SUSE CVE CVE-2023-7042 page", url: "https://www.suse.com/security/cve/CVE-2023-7042/", }, { category: "self", summary: "SUSE CVE CVE-2024-2201 page", url: "https://www.suse.com/security/cve/CVE-2024-2201/", }, { category: "self", summary: "SUSE CVE CVE-2024-23307 page", url: "https://www.suse.com/security/cve/CVE-2024-23307/", }, { category: "self", summary: "SUSE CVE CVE-2024-23851 page", url: "https://www.suse.com/security/cve/CVE-2024-23851/", }, { category: "self", summary: "SUSE CVE CVE-2024-24860 page", url: "https://www.suse.com/security/cve/CVE-2024-24860/", }, { category: "self", summary: "SUSE CVE CVE-2024-26605 page", url: "https://www.suse.com/security/cve/CVE-2024-26605/", }, { category: "self", summary: "SUSE CVE CVE-2024-26862 page", url: "https://www.suse.com/security/cve/CVE-2024-26862/", }, { category: "self", summary: "SUSE CVE CVE-2024-26865 page", url: "https://www.suse.com/security/cve/CVE-2024-26865/", }, { category: "self", summary: "SUSE CVE CVE-2024-46869 page", url: "https://www.suse.com/security/cve/CVE-2024-46869/", }, { category: "self", summary: "SUSE CVE CVE-2024-47671 page", url: "https://www.suse.com/security/cve/CVE-2024-47671/", }, { category: "self", summary: "SUSE CVE CVE-2024-47675 page", url: "https://www.suse.com/security/cve/CVE-2024-47675/", }, { category: "self", summary: "SUSE CVE CVE-2024-47676 page", url: "https://www.suse.com/security/cve/CVE-2024-47676/", }, { category: "self", summary: "SUSE CVE CVE-2024-47677 page", url: "https://www.suse.com/security/cve/CVE-2024-47677/", }, { category: "self", summary: "SUSE CVE CVE-2024-47678 page", url: "https://www.suse.com/security/cve/CVE-2024-47678/", }, { category: "self", summary: "SUSE CVE CVE-2024-47679 page", url: "https://www.suse.com/security/cve/CVE-2024-47679/", }, { category: "self", summary: "SUSE CVE CVE-2024-47680 page", url: "https://www.suse.com/security/cve/CVE-2024-47680/", }, { category: "self", summary: "SUSE CVE CVE-2024-47681 page", url: "https://www.suse.com/security/cve/CVE-2024-47681/", }, { category: "self", summary: "SUSE CVE CVE-2024-47682 page", url: "https://www.suse.com/security/cve/CVE-2024-47682/", }, { category: "self", summary: "SUSE CVE CVE-2024-47683 page", url: "https://www.suse.com/security/cve/CVE-2024-47683/", }, { category: "self", summary: "SUSE CVE CVE-2024-47684 page", url: "https://www.suse.com/security/cve/CVE-2024-47684/", }, { category: "self", summary: "SUSE CVE CVE-2024-47685 page", url: "https://www.suse.com/security/cve/CVE-2024-47685/", }, { category: "self", summary: "SUSE CVE CVE-2024-47686 page", url: "https://www.suse.com/security/cve/CVE-2024-47686/", }, { category: "self", summary: "SUSE CVE CVE-2024-47687 page", url: "https://www.suse.com/security/cve/CVE-2024-47687/", }, { category: "self", summary: "SUSE CVE CVE-2024-47688 page", url: "https://www.suse.com/security/cve/CVE-2024-47688/", }, { category: "self", summary: "SUSE CVE CVE-2024-47689 page", url: "https://www.suse.com/security/cve/CVE-2024-47689/", }, { category: "self", summary: "SUSE CVE CVE-2024-47690 page", url: "https://www.suse.com/security/cve/CVE-2024-47690/", }, { category: "self", summary: "SUSE CVE CVE-2024-47691 page", url: "https://www.suse.com/security/cve/CVE-2024-47691/", }, { category: "self", summary: "SUSE CVE CVE-2024-47692 page", url: "https://www.suse.com/security/cve/CVE-2024-47692/", }, { category: "self", summary: "SUSE CVE CVE-2024-47693 page", url: "https://www.suse.com/security/cve/CVE-2024-47693/", }, { category: "self", summary: "SUSE CVE CVE-2024-47694 page", url: "https://www.suse.com/security/cve/CVE-2024-47694/", }, { category: "self", summary: "SUSE CVE CVE-2024-47695 page", url: "https://www.suse.com/security/cve/CVE-2024-47695/", }, { category: "self", summary: "SUSE CVE CVE-2024-47696 page", url: "https://www.suse.com/security/cve/CVE-2024-47696/", }, { category: "self", summary: "SUSE CVE CVE-2024-47697 page", url: "https://www.suse.com/security/cve/CVE-2024-47697/", }, { category: "self", summary: "SUSE CVE CVE-2024-47698 page", url: "https://www.suse.com/security/cve/CVE-2024-47698/", }, { category: "self", summary: "SUSE CVE CVE-2024-47699 page", url: "https://www.suse.com/security/cve/CVE-2024-47699/", }, { category: "self", summary: "SUSE CVE CVE-2024-47700 page", url: "https://www.suse.com/security/cve/CVE-2024-47700/", }, { category: "self", summary: "SUSE CVE CVE-2024-47701 page", url: "https://www.suse.com/security/cve/CVE-2024-47701/", }, { category: "self", summary: "SUSE CVE CVE-2024-47702 page", url: "https://www.suse.com/security/cve/CVE-2024-47702/", }, { category: "self", summary: "SUSE CVE CVE-2024-47703 page", url: "https://www.suse.com/security/cve/CVE-2024-47703/", }, { category: "self", summary: "SUSE CVE CVE-2024-47704 page", url: "https://www.suse.com/security/cve/CVE-2024-47704/", }, { category: "self", summary: "SUSE CVE CVE-2024-47705 page", url: "https://www.suse.com/security/cve/CVE-2024-47705/", }, { category: "self", summary: "SUSE CVE CVE-2024-47706 page", url: "https://www.suse.com/security/cve/CVE-2024-47706/", }, { category: "self", summary: "SUSE CVE CVE-2024-47707 page", url: "https://www.suse.com/security/cve/CVE-2024-47707/", }, { category: "self", summary: "SUSE CVE CVE-2024-47708 page", url: "https://www.suse.com/security/cve/CVE-2024-47708/", }, { category: "self", summary: "SUSE CVE CVE-2024-47709 page", url: "https://www.suse.com/security/cve/CVE-2024-47709/", }, { category: "self", summary: "SUSE CVE CVE-2024-47710 page", url: "https://www.suse.com/security/cve/CVE-2024-47710/", }, { category: "self", summary: "SUSE CVE CVE-2024-47711 page", url: "https://www.suse.com/security/cve/CVE-2024-47711/", }, { category: "self", summary: "SUSE CVE CVE-2024-47712 page", url: "https://www.suse.com/security/cve/CVE-2024-47712/", }, { category: "self", summary: "SUSE CVE CVE-2024-47713 page", url: "https://www.suse.com/security/cve/CVE-2024-47713/", }, { category: "self", summary: "SUSE CVE CVE-2024-47714 page", url: "https://www.suse.com/security/cve/CVE-2024-47714/", }, { category: "self", summary: "SUSE CVE CVE-2024-47715 page", url: "https://www.suse.com/security/cve/CVE-2024-47715/", }, { category: "self", summary: "SUSE CVE CVE-2024-47716 page", url: "https://www.suse.com/security/cve/CVE-2024-47716/", }, { category: "self", summary: "SUSE CVE CVE-2024-47717 page", url: "https://www.suse.com/security/cve/CVE-2024-47717/", }, { category: "self", summary: "SUSE CVE CVE-2024-47718 page", url: "https://www.suse.com/security/cve/CVE-2024-47718/", }, { category: "self", summary: "SUSE CVE CVE-2024-47719 page", url: "https://www.suse.com/security/cve/CVE-2024-47719/", }, { category: "self", summary: "SUSE CVE CVE-2024-47720 page", url: "https://www.suse.com/security/cve/CVE-2024-47720/", }, { category: "self", summary: "SUSE CVE CVE-2024-47721 page", url: "https://www.suse.com/security/cve/CVE-2024-47721/", }, { category: "self", summary: "SUSE CVE CVE-2024-47723 page", url: "https://www.suse.com/security/cve/CVE-2024-47723/", }, { category: "self", summary: "SUSE CVE CVE-2024-47724 page", url: "https://www.suse.com/security/cve/CVE-2024-47724/", }, { category: "self", summary: "SUSE CVE CVE-2024-47726 page", url: "https://www.suse.com/security/cve/CVE-2024-47726/", }, { category: "self", summary: "SUSE CVE CVE-2024-47727 page", url: "https://www.suse.com/security/cve/CVE-2024-47727/", }, { category: "self", summary: "SUSE CVE CVE-2024-47728 page", url: "https://www.suse.com/security/cve/CVE-2024-47728/", }, { category: "self", summary: "SUSE CVE CVE-2024-47729 page", url: "https://www.suse.com/security/cve/CVE-2024-47729/", }, { category: "self", summary: "SUSE CVE CVE-2024-47730 page", url: "https://www.suse.com/security/cve/CVE-2024-47730/", }, { category: "self", summary: "SUSE CVE CVE-2024-47731 page", url: "https://www.suse.com/security/cve/CVE-2024-47731/", }, { category: "self", summary: "SUSE CVE CVE-2024-47732 page", url: "https://www.suse.com/security/cve/CVE-2024-47732/", }, { category: "self", summary: "SUSE CVE CVE-2024-47733 page", url: "https://www.suse.com/security/cve/CVE-2024-47733/", }, { category: "self", summary: "SUSE CVE CVE-2024-47734 page", url: "https://www.suse.com/security/cve/CVE-2024-47734/", }, { category: "self", summary: "SUSE CVE CVE-2024-47735 page", url: "https://www.suse.com/security/cve/CVE-2024-47735/", }, { category: "self", summary: "SUSE CVE CVE-2024-47736 page", url: "https://www.suse.com/security/cve/CVE-2024-47736/", }, { category: "self", summary: "SUSE CVE CVE-2024-47737 page", url: "https://www.suse.com/security/cve/CVE-2024-47737/", }, { category: "self", summary: "SUSE CVE CVE-2024-47738 page", url: "https://www.suse.com/security/cve/CVE-2024-47738/", }, { category: "self", summary: "SUSE CVE CVE-2024-47739 page", url: "https://www.suse.com/security/cve/CVE-2024-47739/", }, { category: "self", summary: "SUSE CVE CVE-2024-47740 page", url: "https://www.suse.com/security/cve/CVE-2024-47740/", }, { category: "self", summary: "SUSE CVE CVE-2024-47741 page", url: "https://www.suse.com/security/cve/CVE-2024-47741/", }, { category: "self", summary: "SUSE CVE CVE-2024-47742 page", url: "https://www.suse.com/security/cve/CVE-2024-47742/", }, { category: "self", summary: "SUSE CVE CVE-2024-47743 page", url: "https://www.suse.com/security/cve/CVE-2024-47743/", }, { category: "self", summary: "SUSE CVE CVE-2024-47744 page", url: "https://www.suse.com/security/cve/CVE-2024-47744/", }, { category: "self", summary: "SUSE CVE CVE-2024-47745 page", url: "https://www.suse.com/security/cve/CVE-2024-47745/", }, { category: "self", summary: "SUSE CVE CVE-2024-47746 page", url: "https://www.suse.com/security/cve/CVE-2024-47746/", }, { category: "self", summary: "SUSE CVE CVE-2024-47747 page", url: "https://www.suse.com/security/cve/CVE-2024-47747/", }, { category: "self", summary: "SUSE CVE CVE-2024-47748 page", url: "https://www.suse.com/security/cve/CVE-2024-47748/", }, { category: "self", summary: "SUSE CVE CVE-2024-47749 page", url: "https://www.suse.com/security/cve/CVE-2024-47749/", }, { category: "self", summary: "SUSE CVE CVE-2024-47750 page", url: "https://www.suse.com/security/cve/CVE-2024-47750/", }, { category: "self", summary: "SUSE CVE CVE-2024-47751 page", url: "https://www.suse.com/security/cve/CVE-2024-47751/", }, { category: "self", summary: "SUSE CVE CVE-2024-47752 page", url: "https://www.suse.com/security/cve/CVE-2024-47752/", }, { category: "self", summary: "SUSE CVE CVE-2024-47753 page", url: "https://www.suse.com/security/cve/CVE-2024-47753/", }, { category: "self", summary: "SUSE CVE CVE-2024-47754 page", url: "https://www.suse.com/security/cve/CVE-2024-47754/", }, { category: "self", summary: "SUSE CVE CVE-2024-47756 page", url: "https://www.suse.com/security/cve/CVE-2024-47756/", }, { category: "self", summary: "SUSE CVE CVE-2024-47757 page", url: "https://www.suse.com/security/cve/CVE-2024-47757/", }, { category: "self", summary: "SUSE CVE CVE-2024-49850 page", url: "https://www.suse.com/security/cve/CVE-2024-49850/", }, { category: "self", summary: "SUSE CVE CVE-2024-49851 page", url: "https://www.suse.com/security/cve/CVE-2024-49851/", }, { category: "self", summary: "SUSE CVE CVE-2024-49852 page", url: "https://www.suse.com/security/cve/CVE-2024-49852/", }, { category: "self", summary: "SUSE CVE CVE-2024-49853 page", url: "https://www.suse.com/security/cve/CVE-2024-49853/", }, { category: "self", summary: "SUSE CVE CVE-2024-49854 page", url: "https://www.suse.com/security/cve/CVE-2024-49854/", }, { category: "self", summary: "SUSE CVE CVE-2024-49855 page", url: "https://www.suse.com/security/cve/CVE-2024-49855/", }, { category: "self", summary: "SUSE CVE CVE-2024-49856 page", url: "https://www.suse.com/security/cve/CVE-2024-49856/", }, { category: "self", summary: "SUSE CVE CVE-2024-49857 page", url: "https://www.suse.com/security/cve/CVE-2024-49857/", }, { category: "self", summary: "SUSE CVE CVE-2024-49858 page", url: "https://www.suse.com/security/cve/CVE-2024-49858/", }, { category: "self", summary: "SUSE CVE CVE-2024-49859 page", url: "https://www.suse.com/security/cve/CVE-2024-49859/", }, { category: "self", summary: "SUSE CVE CVE-2024-49860 page", url: "https://www.suse.com/security/cve/CVE-2024-49860/", }, { category: "self", summary: "SUSE CVE CVE-2024-49861 page", url: "https://www.suse.com/security/cve/CVE-2024-49861/", }, { category: "self", summary: "SUSE CVE CVE-2024-49862 page", url: "https://www.suse.com/security/cve/CVE-2024-49862/", }, { category: "self", summary: "SUSE CVE CVE-2024-49863 page", url: "https://www.suse.com/security/cve/CVE-2024-49863/", }, { category: "self", summary: "SUSE CVE CVE-2024-49864 page", url: "https://www.suse.com/security/cve/CVE-2024-49864/", }, { category: "self", summary: "SUSE CVE CVE-2024-49865 page", url: "https://www.suse.com/security/cve/CVE-2024-49865/", }, { category: "self", summary: "SUSE CVE CVE-2024-49866 page", url: "https://www.suse.com/security/cve/CVE-2024-49866/", }, { category: "self", summary: "SUSE CVE CVE-2024-49867 page", url: "https://www.suse.com/security/cve/CVE-2024-49867/", }, { category: "self", summary: "SUSE CVE CVE-2024-49868 page", url: "https://www.suse.com/security/cve/CVE-2024-49868/", }, { category: "self", summary: "SUSE CVE CVE-2024-49869 page", url: "https://www.suse.com/security/cve/CVE-2024-49869/", }, { category: "self", summary: "SUSE CVE CVE-2024-49870 page", url: "https://www.suse.com/security/cve/CVE-2024-49870/", }, { category: "self", summary: "SUSE CVE CVE-2024-49871 page", url: "https://www.suse.com/security/cve/CVE-2024-49871/", }, { category: "self", summary: "SUSE CVE CVE-2024-49872 page", url: "https://www.suse.com/security/cve/CVE-2024-49872/", }, { category: "self", summary: "SUSE CVE CVE-2024-49873 page", url: "https://www.suse.com/security/cve/CVE-2024-49873/", }, { category: "self", summary: "SUSE CVE CVE-2024-49874 page", url: "https://www.suse.com/security/cve/CVE-2024-49874/", }, { category: "self", summary: "SUSE CVE CVE-2024-49875 page", url: "https://www.suse.com/security/cve/CVE-2024-49875/", }, { category: "self", summary: "SUSE CVE CVE-2024-49876 page", url: "https://www.suse.com/security/cve/CVE-2024-49876/", }, { category: "self", summary: "SUSE CVE CVE-2024-49877 page", url: "https://www.suse.com/security/cve/CVE-2024-49877/", }, { category: "self", summary: "SUSE CVE CVE-2024-49878 page", url: "https://www.suse.com/security/cve/CVE-2024-49878/", }, { category: "self", summary: "SUSE CVE CVE-2024-49879 page", url: "https://www.suse.com/security/cve/CVE-2024-49879/", }, { category: "self", summary: "SUSE CVE CVE-2024-49880 page", url: "https://www.suse.com/security/cve/CVE-2024-49880/", }, { category: "self", summary: "SUSE CVE CVE-2024-49881 page", url: "https://www.suse.com/security/cve/CVE-2024-49881/", }, { category: "self", summary: "SUSE CVE CVE-2024-49882 page", url: "https://www.suse.com/security/cve/CVE-2024-49882/", }, { category: "self", summary: "SUSE CVE CVE-2024-49883 page", url: "https://www.suse.com/security/cve/CVE-2024-49883/", }, { category: "self", summary: "SUSE CVE CVE-2024-49884 page", url: "https://www.suse.com/security/cve/CVE-2024-49884/", }, { category: "self", summary: "SUSE CVE CVE-2024-49885 page", url: "https://www.suse.com/security/cve/CVE-2024-49885/", }, { category: "self", summary: "SUSE CVE CVE-2024-49886 page", url: "https://www.suse.com/security/cve/CVE-2024-49886/", }, { category: "self", summary: "SUSE CVE CVE-2024-49887 page", url: "https://www.suse.com/security/cve/CVE-2024-49887/", }, { category: "self", summary: "SUSE CVE CVE-2024-49888 page", url: "https://www.suse.com/security/cve/CVE-2024-49888/", }, { category: "self", summary: "SUSE CVE CVE-2024-49889 page", url: "https://www.suse.com/security/cve/CVE-2024-49889/", }, { category: "self", summary: "SUSE CVE CVE-2024-49890 page", url: "https://www.suse.com/security/cve/CVE-2024-49890/", }, { category: "self", summary: "SUSE CVE CVE-2024-49891 page", url: "https://www.suse.com/security/cve/CVE-2024-49891/", }, { category: "self", summary: "SUSE CVE CVE-2024-49892 page", url: "https://www.suse.com/security/cve/CVE-2024-49892/", }, { category: "self", summary: "SUSE CVE CVE-2024-49893 page", url: "https://www.suse.com/security/cve/CVE-2024-49893/", }, { category: "self", summary: "SUSE CVE CVE-2024-49894 page", url: "https://www.suse.com/security/cve/CVE-2024-49894/", }, { category: "self", summary: "SUSE CVE CVE-2024-49895 page", url: "https://www.suse.com/security/cve/CVE-2024-49895/", }, { category: "self", summary: "SUSE CVE CVE-2024-49896 page", url: "https://www.suse.com/security/cve/CVE-2024-49896/", }, { category: "self", summary: "SUSE CVE CVE-2024-49897 page", url: "https://www.suse.com/security/cve/CVE-2024-49897/", }, { category: "self", summary: "SUSE CVE CVE-2024-49898 page", url: "https://www.suse.com/security/cve/CVE-2024-49898/", }, { category: "self", summary: "SUSE CVE CVE-2024-49899 page", url: "https://www.suse.com/security/cve/CVE-2024-49899/", }, { category: "self", summary: "SUSE CVE CVE-2024-49900 page", url: "https://www.suse.com/security/cve/CVE-2024-49900/", }, { category: "self", summary: "SUSE CVE CVE-2024-49901 page", url: "https://www.suse.com/security/cve/CVE-2024-49901/", }, { category: "self", summary: "SUSE CVE CVE-2024-49902 page", url: "https://www.suse.com/security/cve/CVE-2024-49902/", }, { category: "self", summary: "SUSE CVE CVE-2024-49903 page", url: "https://www.suse.com/security/cve/CVE-2024-49903/", }, { category: "self", summary: "SUSE CVE CVE-2024-49904 page", url: "https://www.suse.com/security/cve/CVE-2024-49904/", }, { category: "self", summary: "SUSE CVE CVE-2024-49905 page", url: "https://www.suse.com/security/cve/CVE-2024-49905/", }, { category: "self", summary: "SUSE CVE CVE-2024-49906 page", url: "https://www.suse.com/security/cve/CVE-2024-49906/", }, { category: "self", summary: "SUSE CVE CVE-2024-49907 page", url: "https://www.suse.com/security/cve/CVE-2024-49907/", }, { category: "self", summary: "SUSE CVE CVE-2024-49908 page", url: "https://www.suse.com/security/cve/CVE-2024-49908/", }, { category: "self", summary: "SUSE CVE CVE-2024-49909 page", url: "https://www.suse.com/security/cve/CVE-2024-49909/", }, { category: "self", summary: "SUSE CVE CVE-2024-49910 page", url: "https://www.suse.com/security/cve/CVE-2024-49910/", }, { category: "self", summary: "SUSE CVE CVE-2024-49911 page", url: "https://www.suse.com/security/cve/CVE-2024-49911/", }, { category: "self", summary: "SUSE CVE CVE-2024-49912 page", url: "https://www.suse.com/security/cve/CVE-2024-49912/", }, { category: "self", summary: "SUSE CVE CVE-2024-49913 page", url: "https://www.suse.com/security/cve/CVE-2024-49913/", }, { category: "self", summary: "SUSE CVE CVE-2024-49914 page", url: "https://www.suse.com/security/cve/CVE-2024-49914/", }, { category: "self", summary: "SUSE CVE CVE-2024-49915 page", url: "https://www.suse.com/security/cve/CVE-2024-49915/", }, { category: "self", summary: "SUSE CVE CVE-2024-49916 page", url: "https://www.suse.com/security/cve/CVE-2024-49916/", }, { category: "self", summary: "SUSE CVE CVE-2024-49917 page", url: "https://www.suse.com/security/cve/CVE-2024-49917/", }, { category: "self", summary: "SUSE CVE CVE-2024-49918 page", url: "https://www.suse.com/security/cve/CVE-2024-49918/", }, { category: "self", summary: "SUSE CVE CVE-2024-49919 page", url: "https://www.suse.com/security/cve/CVE-2024-49919/", }, { category: "self", summary: "SUSE CVE CVE-2024-49920 page", url: "https://www.suse.com/security/cve/CVE-2024-49920/", }, { category: "self", summary: "SUSE CVE CVE-2024-49921 page", url: "https://www.suse.com/security/cve/CVE-2024-49921/", }, { category: "self", summary: "SUSE CVE CVE-2024-49922 page", url: "https://www.suse.com/security/cve/CVE-2024-49922/", }, { category: "self", summary: "SUSE CVE CVE-2024-49923 page", url: "https://www.suse.com/security/cve/CVE-2024-49923/", }, { category: "self", summary: "SUSE CVE CVE-2024-49924 page", url: "https://www.suse.com/security/cve/CVE-2024-49924/", }, { category: "self", summary: "SUSE CVE CVE-2024-49925 page", url: "https://www.suse.com/security/cve/CVE-2024-49925/", }, { category: "self", summary: "SUSE CVE CVE-2024-49926 page", url: "https://www.suse.com/security/cve/CVE-2024-49926/", }, { category: "self", summary: "SUSE CVE CVE-2024-49927 page", url: "https://www.suse.com/security/cve/CVE-2024-49927/", }, { category: "self", summary: "SUSE CVE CVE-2024-49928 page", url: "https://www.suse.com/security/cve/CVE-2024-49928/", }, { category: "self", summary: "SUSE CVE CVE-2024-49929 page", url: "https://www.suse.com/security/cve/CVE-2024-49929/", }, { category: "self", summary: "SUSE CVE CVE-2024-49930 page", url: "https://www.suse.com/security/cve/CVE-2024-49930/", }, { category: "self", summary: "SUSE CVE CVE-2024-49931 page", url: "https://www.suse.com/security/cve/CVE-2024-49931/", }, { category: "self", summary: "SUSE CVE CVE-2024-49932 page", url: "https://www.suse.com/security/cve/CVE-2024-49932/", }, { category: "self", summary: "SUSE CVE CVE-2024-49933 page", url: "https://www.suse.com/security/cve/CVE-2024-49933/", }, { category: "self", summary: "SUSE CVE CVE-2024-49934 page", url: "https://www.suse.com/security/cve/CVE-2024-49934/", }, { category: "self", summary: "SUSE CVE CVE-2024-49935 page", url: "https://www.suse.com/security/cve/CVE-2024-49935/", }, { category: "self", summary: "SUSE CVE CVE-2024-49936 page", url: "https://www.suse.com/security/cve/CVE-2024-49936/", }, { category: "self", summary: "SUSE CVE CVE-2024-49937 page", url: "https://www.suse.com/security/cve/CVE-2024-49937/", }, { category: "self", summary: "SUSE CVE CVE-2024-49938 page", url: "https://www.suse.com/security/cve/CVE-2024-49938/", }, { category: "self", summary: "SUSE CVE CVE-2024-49939 page", url: "https://www.suse.com/security/cve/CVE-2024-49939/", }, { category: "self", summary: "SUSE CVE CVE-2024-49940 page", url: "https://www.suse.com/security/cve/CVE-2024-49940/", }, { category: "self", summary: "SUSE CVE CVE-2024-49941 page", url: "https://www.suse.com/security/cve/CVE-2024-49941/", }, { category: "self", summary: "SUSE CVE CVE-2024-49942 page", url: "https://www.suse.com/security/cve/CVE-2024-49942/", }, { category: "self", summary: "SUSE CVE CVE-2024-49943 page", url: "https://www.suse.com/security/cve/CVE-2024-49943/", }, { category: "self", summary: "SUSE CVE CVE-2024-49944 page", url: "https://www.suse.com/security/cve/CVE-2024-49944/", }, { category: "self", summary: "SUSE CVE CVE-2024-49945 page", url: "https://www.suse.com/security/cve/CVE-2024-49945/", }, { category: "self", summary: "SUSE CVE CVE-2024-49946 page", url: "https://www.suse.com/security/cve/CVE-2024-49946/", }, { category: "self", summary: "SUSE CVE CVE-2024-49947 page", url: "https://www.suse.com/security/cve/CVE-2024-49947/", }, { category: "self", summary: "SUSE CVE CVE-2024-49948 page", url: "https://www.suse.com/security/cve/CVE-2024-49948/", }, { category: "self", summary: "SUSE CVE CVE-2024-49949 page", url: "https://www.suse.com/security/cve/CVE-2024-49949/", }, { category: "self", summary: "SUSE CVE CVE-2024-49950 page", url: "https://www.suse.com/security/cve/CVE-2024-49950/", }, { category: "self", summary: "SUSE CVE CVE-2024-49951 page", url: "https://www.suse.com/security/cve/CVE-2024-49951/", }, { category: "self", summary: "SUSE CVE CVE-2024-49952 page", url: "https://www.suse.com/security/cve/CVE-2024-49952/", }, { category: "self", summary: "SUSE CVE CVE-2024-49953 page", url: "https://www.suse.com/security/cve/CVE-2024-49953/", }, { category: "self", summary: "SUSE CVE CVE-2024-49954 page", url: "https://www.suse.com/security/cve/CVE-2024-49954/", }, { category: "self", summary: "SUSE CVE CVE-2024-49955 page", url: "https://www.suse.com/security/cve/CVE-2024-49955/", }, { category: "self", summary: "SUSE CVE CVE-2024-49956 page", url: "https://www.suse.com/security/cve/CVE-2024-49956/", }, { category: "self", summary: "SUSE CVE CVE-2024-49957 page", url: "https://www.suse.com/security/cve/CVE-2024-49957/", }, { category: "self", summary: "SUSE CVE CVE-2024-49958 page", url: "https://www.suse.com/security/cve/CVE-2024-49958/", }, { category: "self", summary: "SUSE CVE CVE-2024-49959 page", url: "https://www.suse.com/security/cve/CVE-2024-49959/", }, { category: "self", summary: "SUSE CVE CVE-2024-49960 page", url: "https://www.suse.com/security/cve/CVE-2024-49960/", }, { category: "self", summary: "SUSE CVE CVE-2024-49961 page", url: "https://www.suse.com/security/cve/CVE-2024-49961/", }, { category: "self", summary: "SUSE CVE CVE-2024-49962 page", url: "https://www.suse.com/security/cve/CVE-2024-49962/", }, { category: "self", summary: "SUSE CVE CVE-2024-49963 page", url: "https://www.suse.com/security/cve/CVE-2024-49963/", }, { category: "self", summary: "SUSE CVE CVE-2024-49964 page", url: "https://www.suse.com/security/cve/CVE-2024-49964/", }, { category: "self", summary: "SUSE CVE CVE-2024-49965 page", url: "https://www.suse.com/security/cve/CVE-2024-49965/", }, { category: "self", summary: "SUSE CVE CVE-2024-49966 page", url: "https://www.suse.com/security/cve/CVE-2024-49966/", }, { category: "self", summary: "SUSE CVE CVE-2024-49967 page", url: "https://www.suse.com/security/cve/CVE-2024-49967/", }, { category: "self", summary: "SUSE CVE CVE-2024-49968 page", url: "https://www.suse.com/security/cve/CVE-2024-49968/", }, { category: "self", summary: "SUSE CVE CVE-2024-49969 page", url: "https://www.suse.com/security/cve/CVE-2024-49969/", }, { category: "self", summary: "SUSE CVE CVE-2024-49970 page", url: "https://www.suse.com/security/cve/CVE-2024-49970/", }, { category: "self", summary: "SUSE CVE CVE-2024-49971 page", url: "https://www.suse.com/security/cve/CVE-2024-49971/", }, { category: "self", summary: "SUSE CVE CVE-2024-49972 page", url: "https://www.suse.com/security/cve/CVE-2024-49972/", }, { category: "self", summary: "SUSE CVE CVE-2024-49973 page", url: "https://www.suse.com/security/cve/CVE-2024-49973/", }, { category: "self", summary: "SUSE CVE CVE-2024-49974 page", url: "https://www.suse.com/security/cve/CVE-2024-49974/", }, { category: "self", summary: "SUSE CVE CVE-2024-49975 page", url: "https://www.suse.com/security/cve/CVE-2024-49975/", }, { category: "self", summary: "SUSE CVE CVE-2024-49976 page", url: "https://www.suse.com/security/cve/CVE-2024-49976/", }, { category: "self", summary: "SUSE CVE CVE-2024-49977 page", url: "https://www.suse.com/security/cve/CVE-2024-49977/", }, { category: "self", summary: "SUSE CVE CVE-2024-49978 page", url: "https://www.suse.com/security/cve/CVE-2024-49978/", }, { category: "self", summary: "SUSE CVE CVE-2024-49979 page", url: "https://www.suse.com/security/cve/CVE-2024-49979/", }, { category: "self", summary: "SUSE CVE CVE-2024-49980 page", url: "https://www.suse.com/security/cve/CVE-2024-49980/", }, { category: "self", summary: "SUSE CVE CVE-2024-49981 page", url: "https://www.suse.com/security/cve/CVE-2024-49981/", }, { category: "self", summary: "SUSE CVE CVE-2024-49982 page", url: "https://www.suse.com/security/cve/CVE-2024-49982/", }, { category: "self", summary: "SUSE CVE CVE-2024-49983 page", url: "https://www.suse.com/security/cve/CVE-2024-49983/", }, { category: "self", summary: "SUSE CVE CVE-2024-49984 page", url: "https://www.suse.com/security/cve/CVE-2024-49984/", }, { category: "self", summary: "SUSE CVE CVE-2024-49985 page", url: "https://www.suse.com/security/cve/CVE-2024-49985/", }, { category: "self", summary: "SUSE CVE CVE-2024-49986 page", url: "https://www.suse.com/security/cve/CVE-2024-49986/", }, { category: "self", summary: "SUSE CVE CVE-2024-49987 page", url: "https://www.suse.com/security/cve/CVE-2024-49987/", }, { category: "self", summary: "SUSE CVE CVE-2024-49988 page", url: "https://www.suse.com/security/cve/CVE-2024-49988/", }, { category: "self", summary: "SUSE CVE CVE-2024-49989 page", url: "https://www.suse.com/security/cve/CVE-2024-49989/", }, { category: "self", summary: "SUSE CVE CVE-2024-49990 page", url: "https://www.suse.com/security/cve/CVE-2024-49990/", }, { category: "self", summary: "SUSE CVE CVE-2024-49991 page", url: "https://www.suse.com/security/cve/CVE-2024-49991/", }, { category: "self", summary: "SUSE CVE CVE-2024-49992 page", url: "https://www.suse.com/security/cve/CVE-2024-49992/", }, { category: "self", summary: "SUSE CVE CVE-2024-49994 page", url: "https://www.suse.com/security/cve/CVE-2024-49994/", }, { category: "self", summary: "SUSE CVE CVE-2024-49995 page", url: "https://www.suse.com/security/cve/CVE-2024-49995/", }, { category: "self", summary: "SUSE CVE CVE-2024-49996 page", url: "https://www.suse.com/security/cve/CVE-2024-49996/", }, { category: "self", summary: "SUSE CVE CVE-2024-49997 page", url: "https://www.suse.com/security/cve/CVE-2024-49997/", }, { category: "self", summary: "SUSE CVE CVE-2024-49998 page", url: "https://www.suse.com/security/cve/CVE-2024-49998/", }, { category: "self", summary: "SUSE CVE CVE-2024-49999 page", url: "https://www.suse.com/security/cve/CVE-2024-49999/", }, { category: "self", summary: "SUSE CVE CVE-2024-50000 page", url: "https://www.suse.com/security/cve/CVE-2024-50000/", }, { category: "self", summary: "SUSE CVE CVE-2024-50001 page", url: "https://www.suse.com/security/cve/CVE-2024-50001/", }, { category: "self", summary: "SUSE CVE CVE-2024-50002 page", url: "https://www.suse.com/security/cve/CVE-2024-50002/", }, { category: "self", summary: "SUSE CVE CVE-2024-50003 page", url: "https://www.suse.com/security/cve/CVE-2024-50003/", }, { category: "self", summary: "SUSE CVE CVE-2024-50004 page", url: "https://www.suse.com/security/cve/CVE-2024-50004/", }, { category: "self", summary: "SUSE CVE CVE-2024-50005 page", url: "https://www.suse.com/security/cve/CVE-2024-50005/", }, { category: "self", summary: "SUSE CVE CVE-2024-50006 page", url: "https://www.suse.com/security/cve/CVE-2024-50006/", }, { category: "self", summary: "SUSE CVE CVE-2024-50007 page", url: "https://www.suse.com/security/cve/CVE-2024-50007/", }, { category: "self", summary: "SUSE CVE CVE-2024-50008 page", url: "https://www.suse.com/security/cve/CVE-2024-50008/", }, { category: "self", summary: "SUSE CVE CVE-2024-50009 page", url: "https://www.suse.com/security/cve/CVE-2024-50009/", }, { category: "self", summary: "SUSE CVE CVE-2024-50010 page", url: "https://www.suse.com/security/cve/CVE-2024-50010/", }, { category: "self", summary: "SUSE CVE CVE-2024-50011 page", url: "https://www.suse.com/security/cve/CVE-2024-50011/", }, { category: "self", summary: "SUSE CVE CVE-2024-50012 page", url: "https://www.suse.com/security/cve/CVE-2024-50012/", }, { category: "self", summary: "SUSE CVE CVE-2024-50013 page", url: "https://www.suse.com/security/cve/CVE-2024-50013/", }, { category: "self", summary: "SUSE CVE CVE-2024-50014 page", url: "https://www.suse.com/security/cve/CVE-2024-50014/", }, { category: "self", summary: "SUSE CVE CVE-2024-50015 page", url: "https://www.suse.com/security/cve/CVE-2024-50015/", }, { category: "self", summary: "SUSE CVE CVE-2024-50016 page", url: "https://www.suse.com/security/cve/CVE-2024-50016/", }, { category: "self", summary: "SUSE CVE CVE-2024-50017 page", url: "https://www.suse.com/security/cve/CVE-2024-50017/", }, { category: "self", summary: "SUSE CVE CVE-2024-50018 page", url: "https://www.suse.com/security/cve/CVE-2024-50018/", }, { category: "self", summary: "SUSE CVE CVE-2024-50019 page", url: "https://www.suse.com/security/cve/CVE-2024-50019/", }, { category: "self", summary: "SUSE CVE CVE-2024-50020 page", url: "https://www.suse.com/security/cve/CVE-2024-50020/", }, { category: "self", summary: "SUSE CVE CVE-2024-50021 page", url: "https://www.suse.com/security/cve/CVE-2024-50021/", }, { category: "self", summary: "SUSE CVE CVE-2024-50022 page", url: "https://www.suse.com/security/cve/CVE-2024-50022/", }, { category: "self", summary: "SUSE CVE CVE-2024-50023 page", url: "https://www.suse.com/security/cve/CVE-2024-50023/", }, { category: "self", summary: "SUSE CVE CVE-2024-50024 page", url: "https://www.suse.com/security/cve/CVE-2024-50024/", }, { category: "self", summary: "SUSE CVE CVE-2024-50025 page", url: "https://www.suse.com/security/cve/CVE-2024-50025/", }, { category: "self", summary: "SUSE CVE CVE-2024-50026 page", url: "https://www.suse.com/security/cve/CVE-2024-50026/", }, { category: "self", summary: "SUSE CVE CVE-2024-50027 page", url: "https://www.suse.com/security/cve/CVE-2024-50027/", }, { category: "self", summary: "SUSE CVE CVE-2024-50028 page", url: "https://www.suse.com/security/cve/CVE-2024-50028/", }, { category: "self", summary: "SUSE CVE CVE-2024-50029 page", url: "https://www.suse.com/security/cve/CVE-2024-50029/", }, { category: "self", summary: "SUSE CVE CVE-2024-50030 page", url: "https://www.suse.com/security/cve/CVE-2024-50030/", }, { category: "self", summary: "SUSE CVE CVE-2024-50031 page", url: "https://www.suse.com/security/cve/CVE-2024-50031/", }, { category: "self", summary: "SUSE CVE CVE-2024-50032 page", url: "https://www.suse.com/security/cve/CVE-2024-50032/", }, { category: "self", summary: "SUSE CVE CVE-2024-50033 page", url: "https://www.suse.com/security/cve/CVE-2024-50033/", }, { category: "self", summary: "SUSE CVE CVE-2024-50034 page", url: "https://www.suse.com/security/cve/CVE-2024-50034/", }, { category: "self", summary: "SUSE CVE CVE-2024-50035 page", url: "https://www.suse.com/security/cve/CVE-2024-50035/", }, { category: "self", summary: "SUSE CVE CVE-2024-50036 page", url: "https://www.suse.com/security/cve/CVE-2024-50036/", }, { category: "self", summary: "SUSE CVE CVE-2024-50037 page", url: "https://www.suse.com/security/cve/CVE-2024-50037/", }, { category: "self", summary: "SUSE CVE CVE-2024-50038 page", url: "https://www.suse.com/security/cve/CVE-2024-50038/", }, { category: "self", summary: "SUSE CVE CVE-2024-50039 page", url: "https://www.suse.com/security/cve/CVE-2024-50039/", }, { category: "self", summary: "SUSE CVE CVE-2024-50040 page", url: "https://www.suse.com/security/cve/CVE-2024-50040/", }, { category: "self", summary: "SUSE CVE CVE-2024-50041 page", url: "https://www.suse.com/security/cve/CVE-2024-50041/", }, { category: "self", summary: "SUSE CVE CVE-2024-50042 page", url: "https://www.suse.com/security/cve/CVE-2024-50042/", }, { category: "self", summary: "SUSE CVE CVE-2024-50043 page", url: "https://www.suse.com/security/cve/CVE-2024-50043/", }, { category: "self", summary: "SUSE CVE CVE-2024-50044 page", url: "https://www.suse.com/security/cve/CVE-2024-50044/", }, { category: "self", summary: "SUSE CVE CVE-2024-50045 page", url: "https://www.suse.com/security/cve/CVE-2024-50045/", }, { category: "self", summary: "SUSE CVE CVE-2024-50046 page", url: "https://www.suse.com/security/cve/CVE-2024-50046/", }, { category: "self", summary: "SUSE CVE CVE-2024-50047 page", url: "https://www.suse.com/security/cve/CVE-2024-50047/", }, { category: "self", summary: "SUSE CVE CVE-2024-50048 page", url: "https://www.suse.com/security/cve/CVE-2024-50048/", }, { category: "self", summary: "SUSE CVE CVE-2024-50049 page", url: "https://www.suse.com/security/cve/CVE-2024-50049/", }, { category: "self", summary: "SUSE CVE CVE-2024-50055 page", url: "https://www.suse.com/security/cve/CVE-2024-50055/", }, { category: "self", summary: "SUSE CVE CVE-2024-50056 page", url: "https://www.suse.com/security/cve/CVE-2024-50056/", }, { category: "self", summary: "SUSE CVE CVE-2024-50057 page", url: "https://www.suse.com/security/cve/CVE-2024-50057/", }, { category: "self", summary: "SUSE CVE CVE-2024-50058 page", url: "https://www.suse.com/security/cve/CVE-2024-50058/", }, { category: "self", summary: "SUSE CVE CVE-2024-50059 page", url: "https://www.suse.com/security/cve/CVE-2024-50059/", }, { category: "self", summary: "SUSE CVE CVE-2024-50060 page", url: "https://www.suse.com/security/cve/CVE-2024-50060/", }, { category: "self", summary: "SUSE CVE CVE-2024-50061 page", url: "https://www.suse.com/security/cve/CVE-2024-50061/", }, { category: "self", summary: "SUSE CVE CVE-2024-50062 page", url: "https://www.suse.com/security/cve/CVE-2024-50062/", }, { category: "self", summary: "SUSE CVE CVE-2024-50063 page", url: "https://www.suse.com/security/cve/CVE-2024-50063/", }, { category: "self", summary: "SUSE CVE CVE-2024-50064 page", url: "https://www.suse.com/security/cve/CVE-2024-50064/", }, { category: "self", summary: "SUSE CVE CVE-2024-50065 page", url: "https://www.suse.com/security/cve/CVE-2024-50065/", }, { category: "self", summary: "SUSE CVE CVE-2024-50066 page", url: "https://www.suse.com/security/cve/CVE-2024-50066/", }, { category: "self", summary: "SUSE CVE CVE-2024-50067 page", url: "https://www.suse.com/security/cve/CVE-2024-50067/", }, { category: "self", summary: "SUSE CVE CVE-2024-50068 page", url: "https://www.suse.com/security/cve/CVE-2024-50068/", }, { category: "self", summary: "SUSE CVE CVE-2024-50069 page", url: "https://www.suse.com/security/cve/CVE-2024-50069/", }, { category: "self", summary: "SUSE CVE CVE-2024-50070 page", url: "https://www.suse.com/security/cve/CVE-2024-50070/", }, { category: "self", summary: "SUSE CVE CVE-2024-50071 page", url: "https://www.suse.com/security/cve/CVE-2024-50071/", }, { category: "self", summary: "SUSE CVE CVE-2024-50072 page", url: "https://www.suse.com/security/cve/CVE-2024-50072/", }, { category: "self", summary: "SUSE CVE CVE-2024-50073 page", url: "https://www.suse.com/security/cve/CVE-2024-50073/", }, { category: "self", summary: "SUSE CVE CVE-2024-50074 page", url: "https://www.suse.com/security/cve/CVE-2024-50074/", }, { category: "self", summary: "SUSE CVE CVE-2024-50075 page", url: "https://www.suse.com/security/cve/CVE-2024-50075/", }, { category: "self", summary: "SUSE CVE CVE-2024-50076 page", url: "https://www.suse.com/security/cve/CVE-2024-50076/", }, { category: "self", summary: "SUSE CVE CVE-2024-50077 page", url: "https://www.suse.com/security/cve/CVE-2024-50077/", }, { category: "self", summary: "SUSE CVE CVE-2024-50078 page", url: "https://www.suse.com/security/cve/CVE-2024-50078/", }, { category: "self", summary: "SUSE CVE CVE-2024-50079 page", url: "https://www.suse.com/security/cve/CVE-2024-50079/", }, { category: "self", summary: "SUSE CVE CVE-2024-50080 page", url: "https://www.suse.com/security/cve/CVE-2024-50080/", }, { category: "self", summary: "SUSE CVE CVE-2024-50081 page", url: "https://www.suse.com/security/cve/CVE-2024-50081/", }, { category: "self", summary: "SUSE CVE CVE-2024-50082 page", url: "https://www.suse.com/security/cve/CVE-2024-50082/", }, { category: "self", summary: "SUSE CVE CVE-2024-50083 page", url: "https://www.suse.com/security/cve/CVE-2024-50083/", }, { category: "self", summary: "SUSE CVE CVE-2024-50084 page", url: "https://www.suse.com/security/cve/CVE-2024-50084/", }, { category: "self", summary: "SUSE CVE CVE-2024-50085 page", url: "https://www.suse.com/security/cve/CVE-2024-50085/", }, { category: "self", summary: "SUSE CVE CVE-2024-50086 page", url: "https://www.suse.com/security/cve/CVE-2024-50086/", }, { category: "self", summary: "SUSE CVE CVE-2024-50087 page", url: "https://www.suse.com/security/cve/CVE-2024-50087/", }, { category: "self", summary: "SUSE CVE CVE-2024-50088 page", url: "https://www.suse.com/security/cve/CVE-2024-50088/", }, { category: "self", summary: "SUSE CVE CVE-2024-50089 page", url: "https://www.suse.com/security/cve/CVE-2024-50089/", }, { category: "self", summary: "SUSE CVE CVE-2024-50090 page", url: "https://www.suse.com/security/cve/CVE-2024-50090/", }, { category: "self", summary: "SUSE CVE CVE-2024-50091 page", url: "https://www.suse.com/security/cve/CVE-2024-50091/", }, { category: "self", summary: "SUSE CVE CVE-2024-50092 page", url: "https://www.suse.com/security/cve/CVE-2024-50092/", }, { category: "self", summary: "SUSE CVE CVE-2024-50093 page", url: "https://www.suse.com/security/cve/CVE-2024-50093/", }, { category: "self", summary: "SUSE CVE CVE-2024-50094 page", url: "https://www.suse.com/security/cve/CVE-2024-50094/", }, { category: "self", summary: "SUSE CVE CVE-2024-50095 page", url: "https://www.suse.com/security/cve/CVE-2024-50095/", }, { category: "self", summary: "SUSE CVE CVE-2024-50096 page", url: "https://www.suse.com/security/cve/CVE-2024-50096/", }, { category: "self", summary: "SUSE CVE CVE-2024-50097 page", url: "https://www.suse.com/security/cve/CVE-2024-50097/", }, { category: "self", summary: "SUSE CVE CVE-2024-50098 page", url: "https://www.suse.com/security/cve/CVE-2024-50098/", }, { category: "self", summary: "SUSE CVE CVE-2024-50099 page", url: "https://www.suse.com/security/cve/CVE-2024-50099/", }, { category: "self", summary: "SUSE CVE CVE-2024-50100 page", url: "https://www.suse.com/security/cve/CVE-2024-50100/", }, { category: "self", summary: "SUSE CVE CVE-2024-50101 page", url: "https://www.suse.com/security/cve/CVE-2024-50101/", }, { category: "self", summary: "SUSE CVE CVE-2024-50102 page", url: "https://www.suse.com/security/cve/CVE-2024-50102/", }, { category: "self", summary: "SUSE CVE CVE-2024-50103 page", url: "https://www.suse.com/security/cve/CVE-2024-50103/", }, { category: "self", summary: "SUSE CVE CVE-2024-50104 page", url: "https://www.suse.com/security/cve/CVE-2024-50104/", }, { category: "self", summary: "SUSE CVE CVE-2024-50105 page", url: "https://www.suse.com/security/cve/CVE-2024-50105/", }, { category: "self", summary: "SUSE CVE CVE-2024-50106 page", url: "https://www.suse.com/security/cve/CVE-2024-50106/", }, { category: "self", summary: "SUSE CVE CVE-2024-50107 page", url: "https://www.suse.com/security/cve/CVE-2024-50107/", }, { category: "self", summary: "SUSE CVE CVE-2024-50108 page", url: "https://www.suse.com/security/cve/CVE-2024-50108/", }, { category: "self", summary: "SUSE CVE CVE-2024-50109 page", url: "https://www.suse.com/security/cve/CVE-2024-50109/", }, { category: "self", summary: "SUSE CVE CVE-2024-50110 page", url: "https://www.suse.com/security/cve/CVE-2024-50110/", }, { category: "self", summary: "SUSE CVE CVE-2024-50111 page", url: "https://www.suse.com/security/cve/CVE-2024-50111/", }, { category: "self", summary: "SUSE CVE CVE-2024-50112 page", url: "https://www.suse.com/security/cve/CVE-2024-50112/", }, { category: "self", summary: "SUSE CVE CVE-2024-50113 page", url: "https://www.suse.com/security/cve/CVE-2024-50113/", }, { category: "self", summary: "SUSE CVE CVE-2024-50114 page", url: "https://www.suse.com/security/cve/CVE-2024-50114/", }, { category: "self", summary: "SUSE CVE CVE-2024-50115 page", url: "https://www.suse.com/security/cve/CVE-2024-50115/", }, { category: "self", summary: "SUSE CVE CVE-2024-50116 page", url: "https://www.suse.com/security/cve/CVE-2024-50116/", }, { category: "self", summary: "SUSE CVE CVE-2024-50117 page", url: "https://www.suse.com/security/cve/CVE-2024-50117/", }, { category: "self", summary: "SUSE CVE CVE-2024-50118 page", url: "https://www.suse.com/security/cve/CVE-2024-50118/", }, { category: "self", summary: "SUSE CVE CVE-2024-50119 page", url: "https://www.suse.com/security/cve/CVE-2024-50119/", }, { category: "self", summary: "SUSE CVE CVE-2024-50120 page", url: "https://www.suse.com/security/cve/CVE-2024-50120/", }, { category: "self", summary: "SUSE CVE CVE-2024-50121 page", url: "https://www.suse.com/security/cve/CVE-2024-50121/", }, { category: "self", summary: "SUSE CVE CVE-2024-50122 page", url: "https://www.suse.com/security/cve/CVE-2024-50122/", }, { category: "self", summary: "SUSE CVE CVE-2024-50123 page", url: "https://www.suse.com/security/cve/CVE-2024-50123/", }, { category: "self", summary: "SUSE CVE CVE-2024-50124 page", url: "https://www.suse.com/security/cve/CVE-2024-50124/", }, { category: "self", summary: "SUSE CVE CVE-2024-50125 page", url: "https://www.suse.com/security/cve/CVE-2024-50125/", }, { category: "self", summary: "SUSE CVE CVE-2024-50126 page", url: "https://www.suse.com/security/cve/CVE-2024-50126/", }, { category: "self", summary: "SUSE CVE CVE-2024-50127 page", url: "https://www.suse.com/security/cve/CVE-2024-50127/", }, { category: "self", summary: "SUSE CVE CVE-2024-50128 page", url: "https://www.suse.com/security/cve/CVE-2024-50128/", }, { category: "self", summary: "SUSE CVE CVE-2024-50129 page", url: "https://www.suse.com/security/cve/CVE-2024-50129/", }, { category: "self", summary: "SUSE CVE CVE-2024-50130 page", url: "https://www.suse.com/security/cve/CVE-2024-50130/", }, { category: "self", summary: "SUSE CVE CVE-2024-50131 page", url: "https://www.suse.com/security/cve/CVE-2024-50131/", }, { category: "self", summary: "SUSE CVE CVE-2024-50132 page", url: "https://www.suse.com/security/cve/CVE-2024-50132/", }, { category: "self", summary: "SUSE CVE CVE-2024-50133 page", url: "https://www.suse.com/security/cve/CVE-2024-50133/", }, { category: "self", summary: "SUSE CVE CVE-2024-50134 page", url: "https://www.suse.com/security/cve/CVE-2024-50134/", }, { category: "self", summary: "SUSE CVE CVE-2024-50135 page", url: "https://www.suse.com/security/cve/CVE-2024-50135/", }, { category: "self", summary: "SUSE CVE CVE-2024-50136 page", url: "https://www.suse.com/security/cve/CVE-2024-50136/", }, { category: "self", summary: "SUSE CVE CVE-2024-50137 page", url: "https://www.suse.com/security/cve/CVE-2024-50137/", }, { category: "self", summary: "SUSE CVE CVE-2024-50138 page", url: "https://www.suse.com/security/cve/CVE-2024-50138/", }, { category: "self", summary: "SUSE CVE CVE-2024-50139 page", url: "https://www.suse.com/security/cve/CVE-2024-50139/", }, { category: "self", summary: "SUSE CVE CVE-2024-50140 page", url: "https://www.suse.com/security/cve/CVE-2024-50140/", }, { category: "self", summary: "SUSE CVE CVE-2024-50141 page", url: "https://www.suse.com/security/cve/CVE-2024-50141/", }, { category: "self", summary: "SUSE CVE CVE-2024-50142 page", url: "https://www.suse.com/security/cve/CVE-2024-50142/", }, { category: "self", summary: "SUSE CVE CVE-2024-50143 page", url: "https://www.suse.com/security/cve/CVE-2024-50143/", }, { category: "self", summary: "SUSE CVE CVE-2024-50144 page", url: "https://www.suse.com/security/cve/CVE-2024-50144/", }, { category: "self", summary: "SUSE CVE CVE-2024-50145 page", url: "https://www.suse.com/security/cve/CVE-2024-50145/", }, { category: "self", summary: "SUSE CVE CVE-2024-50146 page", url: "https://www.suse.com/security/cve/CVE-2024-50146/", }, { category: "self", summary: "SUSE CVE CVE-2024-50147 page", url: "https://www.suse.com/security/cve/CVE-2024-50147/", }, { category: "self", summary: "SUSE CVE CVE-2024-50148 page", url: "https://www.suse.com/security/cve/CVE-2024-50148/", }, { category: "self", summary: "SUSE CVE CVE-2024-50149 page", url: "https://www.suse.com/security/cve/CVE-2024-50149/", }, { category: "self", summary: "SUSE CVE CVE-2024-50150 page", url: "https://www.suse.com/security/cve/CVE-2024-50150/", }, { category: "self", summary: "SUSE CVE CVE-2024-50151 page", url: "https://www.suse.com/security/cve/CVE-2024-50151/", }, { category: "self", summary: "SUSE CVE CVE-2024-50152 page", url: "https://www.suse.com/security/cve/CVE-2024-50152/", }, { category: "self", summary: "SUSE CVE CVE-2024-50153 page", url: "https://www.suse.com/security/cve/CVE-2024-50153/", }, { category: "self", summary: "SUSE CVE CVE-2024-50154 page", url: "https://www.suse.com/security/cve/CVE-2024-50154/", }, { category: "self", summary: "SUSE CVE CVE-2024-50155 page", url: "https://www.suse.com/security/cve/CVE-2024-50155/", }, { category: "self", summary: "SUSE CVE CVE-2024-50156 page", url: "https://www.suse.com/security/cve/CVE-2024-50156/", }, { category: "self", summary: "SUSE CVE CVE-2024-50157 page", url: "https://www.suse.com/security/cve/CVE-2024-50157/", }, { category: "self", summary: "SUSE CVE CVE-2024-50158 page", url: "https://www.suse.com/security/cve/CVE-2024-50158/", }, { category: "self", summary: "SUSE CVE CVE-2024-50159 page", url: "https://www.suse.com/security/cve/CVE-2024-50159/", }, { category: "self", summary: "SUSE CVE CVE-2024-50160 page", url: "https://www.suse.com/security/cve/CVE-2024-50160/", }, { category: "self", summary: "SUSE CVE CVE-2024-50161 page", url: "https://www.suse.com/security/cve/CVE-2024-50161/", }, { category: "self", summary: "SUSE CVE CVE-2024-50162 page", url: "https://www.suse.com/security/cve/CVE-2024-50162/", }, { category: "self", summary: "SUSE CVE CVE-2024-50163 page", url: "https://www.suse.com/security/cve/CVE-2024-50163/", }, { category: "self", summary: "SUSE CVE CVE-2024-50164 page", url: "https://www.suse.com/security/cve/CVE-2024-50164/", }, { category: "self", summary: "SUSE CVE CVE-2024-50165 page", url: "https://www.suse.com/security/cve/CVE-2024-50165/", }, { category: "self", summary: "SUSE CVE CVE-2024-50166 page", url: "https://www.suse.com/security/cve/CVE-2024-50166/", }, { category: "self", summary: "SUSE CVE CVE-2024-50167 page", url: "https://www.suse.com/security/cve/CVE-2024-50167/", }, { category: "self", summary: "SUSE CVE CVE-2024-50168 page", url: "https://www.suse.com/security/cve/CVE-2024-50168/", }, { category: "self", summary: "SUSE CVE CVE-2024-50170 page", url: "https://www.suse.com/security/cve/CVE-2024-50170/", }, { category: "self", summary: "SUSE CVE CVE-2024-50171 page", url: "https://www.suse.com/security/cve/CVE-2024-50171/", }, { category: "self", summary: "SUSE CVE CVE-2024-50172 page", url: "https://www.suse.com/security/cve/CVE-2024-50172/", }, { category: "self", summary: "SUSE CVE CVE-2024-50173 page", url: "https://www.suse.com/security/cve/CVE-2024-50173/", }, { category: "self", summary: "SUSE CVE CVE-2024-50174 page", url: "https://www.suse.com/security/cve/CVE-2024-50174/", }, { category: "self", summary: "SUSE CVE CVE-2024-50175 page", url: "https://www.suse.com/security/cve/CVE-2024-50175/", }, { category: "self", summary: "SUSE CVE CVE-2024-50176 page", url: "https://www.suse.com/security/cve/CVE-2024-50176/", }, { category: "self", summary: "SUSE CVE CVE-2024-50177 page", url: "https://www.suse.com/security/cve/CVE-2024-50177/", }, { category: "self", summary: "SUSE CVE CVE-2024-50178 page", url: "https://www.suse.com/security/cve/CVE-2024-50178/", }, { category: "self", summary: "SUSE CVE CVE-2024-50179 page", url: "https://www.suse.com/security/cve/CVE-2024-50179/", }, { category: "self", summary: "SUSE CVE CVE-2024-50180 page", url: "https://www.suse.com/security/cve/CVE-2024-50180/", }, { category: "self", summary: "SUSE CVE CVE-2024-50181 page", url: "https://www.suse.com/security/cve/CVE-2024-50181/", }, { category: "self", summary: "SUSE CVE CVE-2024-50182 page", url: "https://www.suse.com/security/cve/CVE-2024-50182/", }, { category: "self", summary: "SUSE CVE CVE-2024-50183 page", url: "https://www.suse.com/security/cve/CVE-2024-50183/", }, { category: "self", summary: "SUSE CVE CVE-2024-50184 page", url: "https://www.suse.com/security/cve/CVE-2024-50184/", }, { category: "self", summary: "SUSE CVE CVE-2024-50185 page", url: "https://www.suse.com/security/cve/CVE-2024-50185/", }, { category: "self", summary: "SUSE CVE CVE-2024-50186 page", url: "https://www.suse.com/security/cve/CVE-2024-50186/", }, { category: "self", summary: "SUSE CVE CVE-2024-50187 page", url: "https://www.suse.com/security/cve/CVE-2024-50187/", }, { category: "self", summary: "SUSE CVE CVE-2024-50188 page", url: "https://www.suse.com/security/cve/CVE-2024-50188/", }, { category: "self", summary: "SUSE CVE CVE-2024-50189 page", url: "https://www.suse.com/security/cve/CVE-2024-50189/", }, { category: "self", summary: "SUSE CVE CVE-2024-50190 page", url: "https://www.suse.com/security/cve/CVE-2024-50190/", }, { category: "self", summary: "SUSE CVE CVE-2024-50191 page", url: "https://www.suse.com/security/cve/CVE-2024-50191/", }, { category: "self", summary: "SUSE CVE CVE-2024-50192 page", url: "https://www.suse.com/security/cve/CVE-2024-50192/", }, { category: "self", summary: "SUSE CVE CVE-2024-50193 page", url: "https://www.suse.com/security/cve/CVE-2024-50193/", }, { category: "self", summary: "SUSE CVE CVE-2024-50194 page", url: "https://www.suse.com/security/cve/CVE-2024-50194/", }, { category: "self", summary: "SUSE CVE CVE-2024-50195 page", url: "https://www.suse.com/security/cve/CVE-2024-50195/", }, { category: "self", summary: "SUSE CVE CVE-2024-50196 page", url: "https://www.suse.com/security/cve/CVE-2024-50196/", }, { category: "self", summary: "SUSE CVE CVE-2024-50197 page", url: "https://www.suse.com/security/cve/CVE-2024-50197/", }, { category: "self", summary: "SUSE CVE CVE-2024-50198 page", url: "https://www.suse.com/security/cve/CVE-2024-50198/", }, { category: "self", summary: "SUSE CVE CVE-2024-50199 page", url: "https://www.suse.com/security/cve/CVE-2024-50199/", }, { category: "self", summary: "SUSE CVE CVE-2024-50200 page", url: "https://www.suse.com/security/cve/CVE-2024-50200/", }, { category: "self", summary: "SUSE CVE CVE-2024-50201 page", url: "https://www.suse.com/security/cve/CVE-2024-50201/", }, { category: "self", summary: "SUSE CVE CVE-2024-50205 page", url: "https://www.suse.com/security/cve/CVE-2024-50205/", }, { category: "self", summary: "SUSE CVE CVE-2024-50206 page", url: "https://www.suse.com/security/cve/CVE-2024-50206/", }, { category: "self", summary: "SUSE CVE CVE-2024-50207 page", url: "https://www.suse.com/security/cve/CVE-2024-50207/", }, { category: "self", summary: "SUSE CVE CVE-2024-50208 page", url: "https://www.suse.com/security/cve/CVE-2024-50208/", }, { category: "self", summary: "SUSE CVE CVE-2024-50209 page", url: "https://www.suse.com/security/cve/CVE-2024-50209/", }, { category: "self", summary: "SUSE CVE CVE-2024-50210 page", url: "https://www.suse.com/security/cve/CVE-2024-50210/", }, { category: "self", summary: "SUSE CVE CVE-2024-50211 page", url: "https://www.suse.com/security/cve/CVE-2024-50211/", }, { category: "self", summary: "SUSE CVE CVE-2024-50212 page", url: "https://www.suse.com/security/cve/CVE-2024-50212/", }, { category: "self", summary: "SUSE CVE CVE-2024-50213 page", url: "https://www.suse.com/security/cve/CVE-2024-50213/", }, { category: "self", summary: "SUSE CVE CVE-2024-50214 page", url: "https://www.suse.com/security/cve/CVE-2024-50214/", }, { category: "self", summary: "SUSE CVE CVE-2024-50215 page", url: "https://www.suse.com/security/cve/CVE-2024-50215/", }, { category: "self", summary: "SUSE CVE CVE-2024-50216 page", url: "https://www.suse.com/security/cve/CVE-2024-50216/", }, { category: "self", summary: "SUSE CVE CVE-2024-50217 page", url: "https://www.suse.com/security/cve/CVE-2024-50217/", }, { category: "self", summary: "SUSE CVE CVE-2024-50218 page", url: "https://www.suse.com/security/cve/CVE-2024-50218/", }, { category: "self", summary: "SUSE CVE CVE-2024-50220 page", url: "https://www.suse.com/security/cve/CVE-2024-50220/", }, { category: "self", summary: "SUSE CVE CVE-2024-50221 page", url: "https://www.suse.com/security/cve/CVE-2024-50221/", }, { category: "self", summary: "SUSE CVE CVE-2024-50222 page", url: "https://www.suse.com/security/cve/CVE-2024-50222/", }, { category: "self", summary: "SUSE CVE CVE-2024-50223 page", url: "https://www.suse.com/security/cve/CVE-2024-50223/", }, { category: "self", summary: "SUSE CVE CVE-2024-50224 page", url: "https://www.suse.com/security/cve/CVE-2024-50224/", }, { category: "self", summary: "SUSE CVE CVE-2024-50225 page", url: "https://www.suse.com/security/cve/CVE-2024-50225/", }, { category: "self", summary: "SUSE CVE CVE-2024-50226 page", url: "https://www.suse.com/security/cve/CVE-2024-50226/", }, { category: "self", summary: "SUSE CVE CVE-2024-50227 page", url: "https://www.suse.com/security/cve/CVE-2024-50227/", }, { category: "self", summary: "SUSE CVE CVE-2024-50228 page", url: "https://www.suse.com/security/cve/CVE-2024-50228/", }, { category: "self", summary: "SUSE CVE CVE-2024-50229 page", url: "https://www.suse.com/security/cve/CVE-2024-50229/", }, { category: "self", summary: "SUSE CVE CVE-2024-50230 page", url: "https://www.suse.com/security/cve/CVE-2024-50230/", }, { category: "self", summary: "SUSE CVE CVE-2024-50231 page", url: "https://www.suse.com/security/cve/CVE-2024-50231/", }, { category: "self", summary: "SUSE CVE CVE-2024-50232 page", url: "https://www.suse.com/security/cve/CVE-2024-50232/", }, { category: "self", summary: "SUSE CVE CVE-2024-50233 page", url: "https://www.suse.com/security/cve/CVE-2024-50233/", }, { category: "self", summary: "SUSE CVE CVE-2024-50234 page", url: "https://www.suse.com/security/cve/CVE-2024-50234/", }, { category: "self", summary: "SUSE CVE CVE-2024-50235 page", url: "https://www.suse.com/security/cve/CVE-2024-50235/", }, { category: "self", summary: "SUSE CVE CVE-2024-50236 page", url: "https://www.suse.com/security/cve/CVE-2024-50236/", }, { category: "self", summary: "SUSE CVE CVE-2024-50237 page", url: "https://www.suse.com/security/cve/CVE-2024-50237/", }, { category: "self", summary: "SUSE CVE CVE-2024-50238 page", url: "https://www.suse.com/security/cve/CVE-2024-50238/", }, { category: "self", summary: "SUSE CVE CVE-2024-50239 page", url: "https://www.suse.com/security/cve/CVE-2024-50239/", }, { category: "self", summary: "SUSE CVE CVE-2024-50240 page", url: "https://www.suse.com/security/cve/CVE-2024-50240/", }, { category: "self", summary: "SUSE CVE CVE-2024-50241 page", url: "https://www.suse.com/security/cve/CVE-2024-50241/", }, { category: "self", summary: "SUSE CVE CVE-2024-50242 page", url: "https://www.suse.com/security/cve/CVE-2024-50242/", }, { category: "self", summary: "SUSE CVE CVE-2024-50243 page", url: "https://www.suse.com/security/cve/CVE-2024-50243/", }, { category: "self", summary: "SUSE CVE CVE-2024-50244 page", url: "https://www.suse.com/security/cve/CVE-2024-50244/", }, { category: "self", summary: "SUSE CVE CVE-2024-50245 page", url: "https://www.suse.com/security/cve/CVE-2024-50245/", }, { category: "self", summary: "SUSE CVE CVE-2024-50246 page", url: "https://www.suse.com/security/cve/CVE-2024-50246/", }, { category: "self", summary: "SUSE CVE CVE-2024-50247 page", url: "https://www.suse.com/security/cve/CVE-2024-50247/", }, { category: "self", summary: "SUSE CVE CVE-2024-50248 page", url: "https://www.suse.com/security/cve/CVE-2024-50248/", }, { category: "self", summary: "SUSE CVE CVE-2024-50249 page", url: "https://www.suse.com/security/cve/CVE-2024-50249/", }, { category: "self", summary: "SUSE CVE CVE-2024-50250 page", url: "https://www.suse.com/security/cve/CVE-2024-50250/", }, { category: "self", summary: "SUSE CVE CVE-2024-50251 page", url: "https://www.suse.com/security/cve/CVE-2024-50251/", }, { category: "self", summary: "SUSE CVE CVE-2024-50252 page", url: "https://www.suse.com/security/cve/CVE-2024-50252/", }, { category: "self", summary: "SUSE CVE CVE-2024-50253 page", url: "https://www.suse.com/security/cve/CVE-2024-50253/", }, { category: "self", summary: "SUSE CVE CVE-2024-50254 page", url: "https://www.suse.com/security/cve/CVE-2024-50254/", }, { category: "self", summary: "SUSE CVE CVE-2024-50255 page", url: "https://www.suse.com/security/cve/CVE-2024-50255/", }, { category: "self", summary: "SUSE CVE CVE-2024-50256 page", url: "https://www.suse.com/security/cve/CVE-2024-50256/", }, { category: "self", summary: "SUSE CVE CVE-2024-50257 page", url: "https://www.suse.com/security/cve/CVE-2024-50257/", }, { category: "self", summary: "SUSE CVE CVE-2024-50258 page", url: "https://www.suse.com/security/cve/CVE-2024-50258/", }, { category: "self", summary: "SUSE CVE CVE-2024-50259 page", url: "https://www.suse.com/security/cve/CVE-2024-50259/", }, { category: "self", summary: "SUSE CVE CVE-2024-50260 page", url: "https://www.suse.com/security/cve/CVE-2024-50260/", }, { category: "self", summary: "SUSE CVE CVE-2024-50261 page", url: "https://www.suse.com/security/cve/CVE-2024-50261/", }, { category: "self", summary: "SUSE CVE CVE-2024-50262 page", url: "https://www.suse.com/security/cve/CVE-2024-50262/", }, { category: "self", summary: "SUSE CVE CVE-2024-50263 page", url: "https://www.suse.com/security/cve/CVE-2024-50263/", }, ], title: "kernel-devel-longterm-6.12.11-1.1 on GA media", tracking: { current_release_date: "2025-01-28T00:00:00Z", generator: { date: "2025-01-28T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14705-1", initial_release_date: "2025-01-28T00:00:00Z", revision_history: [ { date: "2025-01-28T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.12.11-1.1.aarch64", product: { name: "kernel-devel-longterm-6.12.11-1.1.aarch64", product_id: "kernel-devel-longterm-6.12.11-1.1.aarch64", }, }, { category: "product_version", name: "kernel-source-longterm-6.12.11-1.1.aarch64", product: { name: "kernel-source-longterm-6.12.11-1.1.aarch64", product_id: "kernel-source-longterm-6.12.11-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.12.11-1.1.ppc64le", product: { name: "kernel-devel-longterm-6.12.11-1.1.ppc64le", product_id: "kernel-devel-longterm-6.12.11-1.1.ppc64le", }, }, { category: "product_version", name: "kernel-source-longterm-6.12.11-1.1.ppc64le", product: { name: "kernel-source-longterm-6.12.11-1.1.ppc64le", product_id: "kernel-source-longterm-6.12.11-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.12.11-1.1.s390x", product: { name: "kernel-devel-longterm-6.12.11-1.1.s390x", product_id: "kernel-devel-longterm-6.12.11-1.1.s390x", }, }, { category: "product_version", name: "kernel-source-longterm-6.12.11-1.1.s390x", product: { name: "kernel-source-longterm-6.12.11-1.1.s390x", product_id: "kernel-source-longterm-6.12.11-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-devel-longterm-6.12.11-1.1.x86_64", product: { name: "kernel-devel-longterm-6.12.11-1.1.x86_64", product_id: "kernel-devel-longterm-6.12.11-1.1.x86_64", }, }, { category: "product_version", name: "kernel-source-longterm-6.12.11-1.1.x86_64", product: { name: "kernel-source-longterm-6.12.11-1.1.x86_64", product_id: "kernel-source-longterm-6.12.11-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.12.11-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", }, product_reference: "kernel-devel-longterm-6.12.11-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.12.11-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", }, product_reference: "kernel-devel-longterm-6.12.11-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.12.11-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", }, product_reference: "kernel-devel-longterm-6.12.11-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-longterm-6.12.11-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", }, product_reference: "kernel-devel-longterm-6.12.11-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.12.11-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", }, product_reference: "kernel-source-longterm-6.12.11-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.12.11-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", }, product_reference: "kernel-source-longterm-6.12.11-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.12.11-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", }, product_reference: "kernel-source-longterm-6.12.11-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "kernel-source-longterm-6.12.11-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", }, product_reference: "kernel-source-longterm-6.12.11-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2023-28746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-28746", }, ], notes: [ { category: "general", text: "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-28746", url: "https://www.suse.com/security/cve/CVE-2023-28746", }, { category: "external", summary: "SUSE Bug 1213456 for CVE-2023-28746", url: "https://bugzilla.suse.com/1213456", }, { category: "external", summary: "SUSE Bug 1221323 for CVE-2023-28746", url: "https://bugzilla.suse.com/1221323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-28746", }, { cve: "CVE-2023-47233", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-47233", }, ], notes: [ { category: "general", text: "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-47233", url: "https://www.suse.com/security/cve/CVE-2023-47233", }, { category: "external", summary: "SUSE Bug 1216702 for CVE-2023-47233", url: "https://bugzilla.suse.com/1216702", }, { category: "external", summary: "SUSE Bug 1224592 for CVE-2023-47233", url: "https://bugzilla.suse.com/1224592", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-47233", }, { cve: "CVE-2023-52429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52429", }, ], notes: [ { category: "general", text: "dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52429", url: "https://www.suse.com/security/cve/CVE-2023-52429", }, { category: "external", summary: "SUSE Bug 1219827 for CVE-2023-52429", url: "https://bugzilla.suse.com/1219827", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-52429", }, { cve: "CVE-2023-52456", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52456", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: imx: fix tx statemachine deadlock\n\nWhen using the serial port as RS485 port, the tx statemachine is used to\ncontrol the RTS pin to drive the RS485 transceiver TX_EN pin. When the\nTTY port is closed in the middle of a transmission (for instance during\nuserland application crash), imx_uart_shutdown disables the interface\nand disables the Transmission Complete interrupt. afer that,\nimx_uart_stop_tx bails on an incomplete transmission, to be retriggered\nby the TC interrupt. This interrupt is disabled and therefore the tx\nstatemachine never transitions out of SEND. The statemachine is in\ndeadlock now, and the TX_EN remains low, making the interface useless.\n\nimx_uart_stop_tx now checks for incomplete transmission AND whether TC\ninterrupts are enabled before bailing to be retriggered. This makes sure\nthe state machine handling is reached, and is properly set to\nWAIT_AFTER_SEND.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52456", url: "https://www.suse.com/security/cve/CVE-2023-52456", }, { category: "external", summary: "SUSE Bug 1220364 for CVE-2023-52456", url: "https://bugzilla.suse.com/1220364", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2023-52456", }, { cve: "CVE-2023-52457", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52457", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed\n\nReturning an error code from .remove() makes the driver core emit the\nlittle helpful error message:\n\n\tremove callback returned a non-zero value. This will be ignored.\n\nand then remove the device anyhow. So all resources that were not freed\nare leaked in this case. Skipping serial8250_unregister_port() has the\npotential to keep enough of the UART around to trigger a use-after-free.\n\nSo replace the error return (and with it the little helpful error\nmessage) by a more useful error message and continue to cleanup.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52457", url: "https://www.suse.com/security/cve/CVE-2023-52457", }, { category: "external", summary: "SUSE Bug 1220350 for CVE-2023-52457", url: "https://bugzilla.suse.com/1220350", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-52457", }, { cve: "CVE-2023-52459", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52459", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l: async: Fix duplicated list deletion\n\nThe list deletion call dropped here is already called from the\nhelper function in the line before. Having a second list_del()\ncall results in either a warning (with CONFIG_DEBUG_LIST=y):\n\nlist_del corruption, c46c8198->next is LIST_POISON1 (00000100)\n\nIf CONFIG_DEBUG_LIST is disabled the operation results in a\nkernel error due to NULL pointer dereference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52459", url: "https://www.suse.com/security/cve/CVE-2023-52459", }, { category: "external", summary: "SUSE Bug 1220318 for CVE-2023-52459", url: "https://bugzilla.suse.com/1220318", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-52459", }, { cve: "CVE-2023-52461", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52461", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix bounds limiting when given a malformed entity\n\nIf we're given a malformed entity in drm_sched_entity_init()--shouldn't\nhappen, but we verify--with out-of-bounds priority value, we set it to an\nallowed value. Fix the expression which sets this limit.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52461", url: "https://www.suse.com/security/cve/CVE-2023-52461", }, { category: "external", summary: "SUSE Bug 1220322 for CVE-2023-52461", url: "https://bugzilla.suse.com/1220322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-52461", }, { cve: "CVE-2023-52917", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52917", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52917", url: "https://www.suse.com/security/cve/CVE-2023-52917", }, { category: "external", summary: "SUSE Bug 1231849 for CVE-2023-52917", url: "https://bugzilla.suse.com/1231849", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-52917", }, { cve: "CVE-2023-6270", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-6270", }, ], notes: [ { category: "general", text: "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-6270", url: "https://www.suse.com/security/cve/CVE-2023-6270", }, { category: "external", summary: "SUSE Bug 1218562 for CVE-2023-6270", url: "https://bugzilla.suse.com/1218562", }, { category: "external", summary: "SUSE Bug 1218813 for CVE-2023-6270", url: "https://bugzilla.suse.com/1218813", }, { category: "external", summary: "SUSE Bug 1221578 for CVE-2023-6270", url: "https://bugzilla.suse.com/1221578", }, { category: "external", summary: "SUSE Bug 1221598 for CVE-2023-6270", url: "https://bugzilla.suse.com/1221598", }, { category: "external", summary: "SUSE Bug 1223016 for CVE-2023-6270", url: "https://bugzilla.suse.com/1223016", }, { category: "external", summary: "SUSE Bug 1227675 for CVE-2023-6270", url: "https://bugzilla.suse.com/1227675", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-6270", }, { cve: "CVE-2023-6535", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-6535", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-6535", url: "https://www.suse.com/security/cve/CVE-2023-6535", }, { category: "external", summary: "SUSE Bug 1217988 for CVE-2023-6535", url: "https://bugzilla.suse.com/1217988", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-6535", }, { cve: "CVE-2023-6536", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-6536", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-6536", url: "https://www.suse.com/security/cve/CVE-2023-6536", }, { category: "external", summary: "SUSE Bug 1217989 for CVE-2023-6536", url: "https://bugzilla.suse.com/1217989", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-6536", }, { cve: "CVE-2023-7042", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-7042", }, ], notes: [ { category: "general", text: "A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-7042", url: "https://www.suse.com/security/cve/CVE-2023-7042", }, { category: "external", summary: "SUSE Bug 1218336 for CVE-2023-7042", url: "https://bugzilla.suse.com/1218336", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2023-7042", }, { cve: "CVE-2024-2201", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-2201", }, ], notes: [ { category: "general", text: "A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-2201", url: "https://www.suse.com/security/cve/CVE-2024-2201", }, { category: "external", summary: "SUSE Bug 1212111 for CVE-2024-2201", url: "https://bugzilla.suse.com/1212111", }, { category: "external", summary: "SUSE Bug 1217339 for CVE-2024-2201", url: "https://bugzilla.suse.com/1217339", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-2201", }, { cve: "CVE-2024-23307", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-23307", }, ], notes: [ { category: "general", text: "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-23307", url: "https://www.suse.com/security/cve/CVE-2024-23307", }, { category: "external", summary: "SUSE Bug 1219169 for CVE-2024-23307", url: "https://bugzilla.suse.com/1219169", }, { category: "external", summary: "SUSE Bug 1220145 for CVE-2024-23307", url: "https://bugzilla.suse.com/1220145", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-23307", }, { cve: "CVE-2024-23851", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-23851", }, ], notes: [ { category: "general", text: "copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-23851", url: "https://www.suse.com/security/cve/CVE-2024-23851", }, { category: "external", summary: "SUSE Bug 1219146 for CVE-2024-23851", url: "https://bugzilla.suse.com/1219146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-23851", }, { cve: "CVE-2024-24860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-24860", }, ], notes: [ { category: "general", text: "A race condition was found in the Linux kernel's bluetooth device driver in {min,max}_key_size_set() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.\n\n\n\n\n", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-24860", url: "https://www.suse.com/security/cve/CVE-2024-24860", }, { category: "external", summary: "SUSE Bug 1219608 for CVE-2024-24860", url: "https://bugzilla.suse.com/1219608", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-24860", }, { cve: "CVE-2024-26605", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-26605", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix deadlock when enabling ASPM\n\nA last minute revert in 6.7-final introduced a potential deadlock when\nenabling ASPM during probe of Qualcomm PCIe controllers as reported by\nlockdep:\n\n ============================================\n WARNING: possible recursive locking detected\n 6.7.0 #40 Not tainted\n --------------------------------------------\n kworker/u16:5/90 is trying to acquire lock:\n ffffacfa78ced000 (pci_bus_sem){++++}-{3:3}, at: pcie_aspm_pm_state_change+0x58/0xdc\n\n but task is already holding lock:\n ffffacfa78ced000 (pci_bus_sem){++++}-{3:3}, at: pci_walk_bus+0x34/0xbc\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(pci_bus_sem);\n lock(pci_bus_sem);\n\n *** DEADLOCK ***\n\n Call trace:\n print_deadlock_bug+0x25c/0x348\n __lock_acquire+0x10a4/0x2064\n lock_acquire+0x1e8/0x318\n down_read+0x60/0x184\n pcie_aspm_pm_state_change+0x58/0xdc\n pci_set_full_power_state+0xa8/0x114\n pci_set_power_state+0xc4/0x120\n qcom_pcie_enable_aspm+0x1c/0x3c [pcie_qcom]\n pci_walk_bus+0x64/0xbc\n qcom_pcie_host_post_init_2_7_0+0x28/0x34 [pcie_qcom]\n\nThe deadlock can easily be reproduced on machines like the Lenovo ThinkPad\nX13s by adding a delay to increase the race window during asynchronous\nprobe where another thread can take a write lock.\n\nAdd a new pci_set_power_state_locked() and associated helper functions that\ncan be called with the PCI bus semaphore held to avoid taking the read lock\ntwice.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-26605", url: "https://www.suse.com/security/cve/CVE-2024-26605", }, { category: "external", summary: "SUSE Bug 1220336 for CVE-2024-26605", url: "https://bugzilla.suse.com/1220336", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-26605", }, { cve: "CVE-2024-26862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-26862", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -> 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-26862", url: "https://www.suse.com/security/cve/CVE-2024-26862", }, { category: "external", summary: "SUSE Bug 1223111 for CVE-2024-26862", url: "https://bugzilla.suse.com/1223111", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-26862", }, { cve: "CVE-2024-26865", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-26865", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: tcp: Fix use-after-free of net in reqsk_timer_handler().\n\nsyzkaller reported a warning of netns tracker [0] followed by KASAN\nsplat [1] and another ref tracker warning [1].\n\nsyzkaller could not find a repro, but in the log, the only suspicious\nsequence was as follows:\n\n 18:26:22 executing program 1:\n r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)\n ...\n connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4001, 0x0, @loopback}, 0x1c) (async)\n\nThe notable thing here is 0x4001 in connect(), which is RDS_TCP_PORT.\n\nSo, the scenario would be:\n\n 1. unshare(CLONE_NEWNET) creates a per netns tcp listener in\n rds_tcp_listen_init().\n 2. syz-executor connect()s to it and creates a reqsk.\n 3. syz-executor exit()s immediately.\n 4. netns is dismantled. [0]\n 5. reqsk timer is fired, and UAF happens while freeing reqsk. [1]\n 6. listener is freed after RCU grace period. [2]\n\nBasically, reqsk assumes that the listener guarantees netns safety\nuntil all reqsk timers are expired by holding the listener's refcount.\nHowever, this was not the case for kernel sockets.\n\nCommit 740ea3c4a0b2 (\"tcp: Clean up kernel listener's reqsk in\ninet_twsk_purge()\") fixed this issue only for per-netns ehash.\n\nLet's apply the same fix for the global ehash.\n\n[0]:\nref_tracker: net notrefcnt@0000000065449cc3 has 1/1 users at\n sk_alloc (./include/net/net_namespace.h:337 net/core/sock.c:2146)\n inet6_create (net/ipv6/af_inet6.c:192 net/ipv6/af_inet6.c:119)\n __sock_create (net/socket.c:1572)\n rds_tcp_listen_init (net/rds/tcp_listen.c:279)\n rds_tcp_init_net (net/rds/tcp.c:577)\n ops_init (net/core/net_namespace.c:137)\n setup_net (net/core/net_namespace.c:340)\n copy_net_ns (net/core/net_namespace.c:497)\n create_new_namespaces (kernel/nsproxy.c:110)\n unshare_nsproxy_namespaces (kernel/nsproxy.c:228 (discriminator 4))\n ksys_unshare (kernel/fork.c:3429)\n __x64_sys_unshare (kernel/fork.c:3496)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n...\nWARNING: CPU: 0 PID: 27 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\n\n[1]:\nBUG: KASAN: slab-use-after-free in inet_csk_reqsk_queue_drop (./include/net/inet_hashtables.h:180 net/ipv4/inet_connection_sock.c:952 net/ipv4/inet_connection_sock.c:966)\nRead of size 8 at addr ffff88801b370400 by task swapper/0/0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n <IRQ>\n dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1))\n print_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n kasan_report (mm/kasan/report.c:603)\n inet_csk_reqsk_queue_drop (./include/net/inet_hashtables.h:180 net/ipv4/inet_connection_sock.c:952 net/ipv4/inet_connection_sock.c:966)\n reqsk_timer_handler (net/ipv4/inet_connection_sock.c:979 net/ipv4/inet_connection_sock.c:1092)\n call_timer_fn (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/timer.h:127 kernel/time/timer.c:1701)\n __run_timers.part.0 (kernel/time/timer.c:1752 kernel/time/timer.c:2038)\n run_timer_softirq (kernel/time/timer.c:2053)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/irq.h:142 kernel/softirq.c:554)\n irq_exit_rcu (kernel/softirq.c:427 kernel/softirq.c:632 kernel/softirq.c:644)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1076 (discriminator 14))\n </IRQ>\n\nAllocated by task 258 on cpu 0 at 83.612050s:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:68)\n __kasan_slab_alloc (mm/kasan/common.c:343)\n kmem_cache_alloc (mm/slub.c:3813 mm/slub.c:3860 mm/slub.c:3867)\n copy_net_ns (./include/linux/slab.h:701 net/core/net_namespace.c:421 net/core/net_namespace.c:480)\n create_new_namespaces (kernel/nsproxy.c:110)\n unshare_nsproxy_name\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-26865", url: "https://www.suse.com/security/cve/CVE-2024-26865", }, { category: "external", summary: "SUSE Bug 1223062 for CVE-2024-26865", url: "https://bugzilla.suse.com/1223062", }, { category: "external", summary: "SUSE Bug 1223063 for CVE-2024-26865", url: "https://bugzilla.suse.com/1223063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-26865", }, { cve: "CVE-2024-46869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-46869", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel_pcie: Allocate memory for driver private data\n\nFix driver not allocating memory for struct btintel_data which is used\nto store internal data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-46869", url: "https://www.suse.com/security/cve/CVE-2024-46869", }, { category: "external", summary: "SUSE Bug 1231173 for CVE-2024-46869", url: "https://bugzilla.suse.com/1231173", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-46869", }, { cve: "CVE-2024-47671", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47671", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usbtmc: prevent kernel-usb-infoleak\n\nThe syzbot reported a kernel-usb-infoleak in usbtmc_write,\nwe need to clear the structure before filling fields.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47671", url: "https://www.suse.com/security/cve/CVE-2024-47671", }, { category: "external", summary: "SUSE Bug 1231541 for CVE-2024-47671", url: "https://bugzilla.suse.com/1231541", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-47671", }, { cve: "CVE-2024-47675", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47675", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix use-after-free in bpf_uprobe_multi_link_attach()\n\nIf bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the\nerror_free label and frees the array of bpf_uprobe's without calling\nbpf_uprobe_unregister().\n\nThis leaks bpf_uprobe->uprobe and worse, this frees bpf_uprobe->consumer\nwithout removing it from the uprobe->consumers list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47675", url: "https://www.suse.com/security/cve/CVE-2024-47675", }, { category: "external", summary: "SUSE Bug 1231926 for CVE-2024-47675", url: "https://bugzilla.suse.com/1231926", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47675", }, { cve: "CVE-2024-47676", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47676", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb.c: fix UAF of vma in hugetlb fault pathway\n\nSyzbot reports a UAF in hugetlb_fault(). This happens because\nvmf_anon_prepare() could drop the per-VMA lock and allow the current VMA\nto be freed before hugetlb_vma_unlock_read() is called.\n\nWe can fix this by using a modified version of vmf_anon_prepare() that\ndoesn't release the VMA lock on failure, and then release it ourselves\nafter hugetlb_vma_unlock_read().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47676", url: "https://www.suse.com/security/cve/CVE-2024-47676", }, { category: "external", summary: "SUSE Bug 1231927 for CVE-2024-47676", url: "https://bugzilla.suse.com/1231927", }, { category: "external", summary: "SUSE Bug 1232898 for CVE-2024-47676", url: "https://bugzilla.suse.com/1232898", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47676", }, { cve: "CVE-2024-47677", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47677", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: resolve memory leak from exfat_create_upcase_table()\n\nIf exfat_load_upcase_table reaches end and returns -EINVAL,\nallocated memory doesn't get freed and while\nexfat_load_default_upcase_table allocates more memory, leading to a\nmemory leak.\n\nHere's link to syzkaller crash report illustrating this issue:\nhttps://syzkaller.appspot.com/text?tag=CrashReport&x=1406c201980000", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47677", url: "https://www.suse.com/security/cve/CVE-2024-47677", }, { category: "external", summary: "SUSE Bug 1231853 for CVE-2024-47677", url: "https://bugzilla.suse.com/1231853", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47677", }, { cve: "CVE-2024-47678", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47678", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: change the order of rate limits\n\nICMP messages are ratelimited :\n\nAfter the blamed commits, the two rate limiters are applied in this order:\n\n1) host wide ratelimit (icmp_global_allow())\n\n2) Per destination ratelimit (inetpeer based)\n\nIn order to avoid side-channels attacks, we need to apply\nthe per destination check first.\n\nThis patch makes the following change :\n\n1) icmp_global_allow() checks if the host wide limit is reached.\n But credits are not yet consumed. This is deferred to 3)\n\n2) The per destination limit is checked/updated.\n This might add a new node in inetpeer tree.\n\n3) icmp_global_consume() consumes tokens if prior operations succeeded.\n\nThis means that host wide ratelimit is still effective\nin keeping inetpeer tree small even under DDOS.\n\nAs a bonus, I removed icmp_global.lock as the fast path\ncan use a lock-free operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47678", url: "https://www.suse.com/security/cve/CVE-2024-47678", }, { category: "external", summary: "SUSE Bug 1231854 for CVE-2024-47678", url: "https://bugzilla.suse.com/1231854", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47678", }, { cve: "CVE-2024-47679", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47679", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: fix race between evice_inodes() and find_inode()&iput()\n\nHi, all\n\nRecently I noticed a bug[1] in btrfs, after digged it into\nand I believe it'a race in vfs.\n\nLet's assume there's a inode (ie ino 261) with i_count 1 is\ncalled by iput(), and there's a concurrent thread calling\ngeneric_shutdown_super().\n\ncpu0: cpu1:\niput() // i_count is 1\n ->spin_lock(inode)\n ->dec i_count to 0\n ->iput_final() generic_shutdown_super()\n ->__inode_add_lru() ->evict_inodes()\n // cause some reason[2] ->if (atomic_read(inode->i_count)) continue;\n // return before // inode 261 passed the above check\n // list_lru_add_obj() // and then schedule out\n ->spin_unlock()\n// note here: the inode 261\n// was still at sb list and hash list,\n// and I_FREEING|I_WILL_FREE was not been set\n\nbtrfs_iget()\n // after some function calls\n ->find_inode()\n // found the above inode 261\n ->spin_lock(inode)\n // check I_FREEING|I_WILL_FREE\n // and passed\n ->__iget()\n ->spin_unlock(inode) // schedule back\n ->spin_lock(inode)\n // check (I_NEW|I_FREEING|I_WILL_FREE) flags,\n // passed and set I_FREEING\niput() ->spin_unlock(inode)\n ->spin_lock(inode)\t\t\t ->evict()\n // dec i_count to 0\n ->iput_final()\n ->spin_unlock()\n ->evict()\n\nNow, we have two threads simultaneously evicting\nthe same inode, which may trigger the BUG(inode->i_state & I_CLEAR)\nstatement both within clear_inode() and iput().\n\nTo fix the bug, recheck the inode->i_count after holding i_lock.\nBecause in the most scenarios, the first check is valid, and\nthe overhead of spin_lock() can be reduced.\n\nIf there is any misunderstanding, please let me know, thanks.\n\n[1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/\n[2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable()\nreturn false when I reproduced the bug.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47679", url: "https://www.suse.com/security/cve/CVE-2024-47679", }, { category: "external", summary: "SUSE Bug 1231930 for CVE-2024-47679", url: "https://bugzilla.suse.com/1231930", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47679", }, { cve: "CVE-2024-47680", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47680", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: check discard support for conventional zones\n\nAs the helper function f2fs_bdev_support_discard() shows, f2fs checks if\nthe target block devices support discard by calling\nbdev_max_discard_sectors() and bdev_is_zoned(). This check works well\nfor most cases, but it does not work for conventional zones on zoned\nblock devices. F2fs assumes that zoned block devices support discard,\nand calls __submit_discard_cmd(). When __submit_discard_cmd() is called\nfor sequential write required zones, it works fine since\n__submit_discard_cmd() issues zone reset commands instead of discard\ncommands. However, when __submit_discard_cmd() is called for\nconventional zones, __blkdev_issue_discard() is called even when the\ndevices do not support discard.\n\nThe inappropriate __blkdev_issue_discard() call was not a problem before\nthe commit 30f1e7241422 (\"block: move discard checks into the ioctl\nhandler\") because __blkdev_issue_discard() checked if the target devices\nsupport discard or not. If not, it returned EOPNOTSUPP. After the\ncommit, __blkdev_issue_discard() no longer checks it. It always returns\nzero and sets NULL to the given bio pointer. This NULL pointer triggers\nf2fs_bug_on() in __submit_discard_cmd(). The BUG is recreated with the\ncommands below at the umount step, where /dev/nullb0 is a zoned null_blk\nwith 5GB total size, 128MB zone size and 10 conventional zones.\n\n$ mkfs.f2fs -f -m /dev/nullb0\n$ mount /dev/nullb0 /mnt\n$ for ((i=0;i<5;i++)); do dd if=/dev/zero of=/mnt/test bs=65536 count=1600 conv=fsync; done\n$ umount /mnt\n\nTo fix the BUG, avoid the inappropriate __blkdev_issue_discard() call.\nWhen discard is requested for conventional zones, check if the device\nsupports discard or not. If not, return EOPNOTSUPP.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47680", url: "https://www.suse.com/security/cve/CVE-2024-47680", }, { category: "external", summary: "SUSE Bug 1231970 for CVE-2024-47680", url: "https://bugzilla.suse.com/1231970", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47680", }, { cve: "CVE-2024-47681", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47681", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he\n\nFix the NULL pointer dereference in mt7996_mcu_sta_bfer_he\nroutine adding an sta interface to the mt7996 driver.\n\nFound by code review.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47681", url: "https://www.suse.com/security/cve/CVE-2024-47681", }, { category: "external", summary: "SUSE Bug 1231855 for CVE-2024-47681", url: "https://bugzilla.suse.com/1231855", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47681", }, { cve: "CVE-2024-47682", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47682", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sd: Fix off-by-one error in sd_read_block_characteristics()\n\nFf the device returns page 0xb1 with length 8 (happens with qemu v2.x, for\nexample), sd_read_block_characteristics() may attempt an out-of-bounds\nmemory access when accessing the zoned field at offset 8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47682", url: "https://www.suse.com/security/cve/CVE-2024-47682", }, { category: "external", summary: "SUSE Bug 1231856 for CVE-2024-47682", url: "https://bugzilla.suse.com/1231856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47682", }, { cve: "CVE-2024-47683", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47683", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Skip Recompute DSC Params if no Stream on Link\n\n[why]\nEncounter NULL pointer dereference uner mst + dsc setup.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2\n Hardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022\n RIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper]\n Code: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8>\n RSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224\n RDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280\n RBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850\n R10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000\n R13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224\n FS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0\n Call Trace:\n<TASK>\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? plist_add+0xbe/0x100\n ? exc_page_fault+0x7c/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026]\n compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054]\n drm_atomic_check_only+0x5c5/0xa40\n drm_mode_atomic_ioctl+0x76e/0xbc0\n\n[how]\ndsc recompute should be skipped if no mode change detected on the new\nrequest. If detected, keep checking whether the stream is already on\ncurrent state or not.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47683", url: "https://www.suse.com/security/cve/CVE-2024-47683", }, { category: "external", summary: "SUSE Bug 1231975 for CVE-2024-47683", url: "https://bugzilla.suse.com/1231975", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47683", }, { cve: "CVE-2024-47684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47684", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 <48> 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47684", url: "https://www.suse.com/security/cve/CVE-2024-47684", }, { category: "external", summary: "SUSE Bug 1231987 for CVE-2024-47684", url: "https://bugzilla.suse.com/1231987", }, { category: "external", summary: "SUSE Bug 1231993 for CVE-2024-47684", url: "https://bugzilla.suse.com/1231993", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47684", }, { cve: "CVE-2024-47685", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47685", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()\n\nsyzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending\ngarbage on the four reserved tcp bits (th->res1)\n\nUse skb_put_zero() to clear the whole TCP header,\nas done in nf_reject_ip_tcphdr_put()\n\nBUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\n nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775\n process_backlog+0x4ad/0xa50 net/core/dev.c:6108\n __napi_poll+0xe7/0x980 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963\n handle_softirqs+0x1ce/0x800 kernel/softirq.c:554\n __do_softirq+0x14/0x1a kernel/softirq.c:588\n do_softirq+0x9a/0x100 kernel/softirq.c:455\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:908 [inline]\n __dev_queue_xmit+0x2692/0x5610 net/core/dev.c:4450\n dev_queue_xmit include/linux/netdevice.h:3105 [inline]\n neigh_resolve_output+0x9ca/0xae0 net/core/neighbour.c:1565\n neigh_output include/net/neighbour.h:542 [inline]\n ip6_finish_output2+0x2347/0x2ba0 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0xbb8/0x14b0 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x356/0x620 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_xmit+0x1ba6/0x25d0 net/ipv6/ip6_output.c:366\n inet6_csk_xmit+0x442/0x530 net/ipv6/inet6_connection_sock.c:135\n __tcp_transmit_skb+0x3b07/0x4880 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_connect+0x35b6/0x7130 net/ipv4/tcp_output.c:4143\n tcp_v6_connect+0x1bcc/0x1e40 net/ipv6/tcp_ipv6.c:333\n __inet_stream_connect+0x2ef/0x1730 net/ipv4/af_inet.c:679\n inet_stream_connect+0x6a/0xd0 net/ipv4/af_inet.c:750\n __sys_connect_file net/socket.c:2061 [inline]\n __sys_connect+0x606/0x690 net/socket.c:2078\n __do_sys_connect net/socket.c:2088 [inline]\n __se_sys_connect net/socket.c:2085 [inline]\n __x64_sys_connect+0x91/0xe0 net/socket.c:2085\n x64_sys_call+0x27a5/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:43\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was stored to memory at:\n nf_reject_ip6_tcphdr_put+0x60c/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:249\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47685", url: "https://www.suse.com/security/cve/CVE-2024-47685", }, { category: "external", summary: "SUSE Bug 1231998 for CVE-2024-47685", url: "https://bugzilla.suse.com/1231998", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47685", }, { cve: "CVE-2024-47686", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47686", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nep93xx: clock: Fix off by one in ep93xx_div_recalc_rate()\n\nThe psc->div[] array has psc->num_div elements. These values come from\nwhen we call clk_hw_register_div(). It's adc_divisors and\nARRAY_SIZE(adc_divisors)) and so on. So this condition needs to be >=\ninstead of > to prevent an out of bounds read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47686", url: "https://www.suse.com/security/cve/CVE-2024-47686", }, { category: "external", summary: "SUSE Bug 1232000 for CVE-2024-47686", url: "https://bugzilla.suse.com/1232000", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-47686", }, { cve: "CVE-2024-47687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47687", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa/mlx5: Fix invalid mr resource destroy\n\nCertain error paths from mlx5_vdpa_dev_add() can end up releasing mr\nresources which never got initialized in the first place.\n\nThis patch adds the missing check in mlx5_vdpa_destroy_mr_resources()\nto block releasing non-initialized mr resources.\n\nReference trace:\n\n mlx5_core 0000:08:00.2: mlx5_vdpa_dev_add:3274:(pid 2700) warning: No mac address provisioned?\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 140216067 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 8 PID: 2700 Comm: vdpa Kdump: loaded Not tainted 5.14.0-496.el9.x86_64 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb]\n Code: [...]\n RSP: 0018:ff1c823ac23077f0 EFLAGS: 00010246\n RAX: ffffffffc1a21a60 RBX: ffffffff899567a0 RCX: 0000000000000000\n RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ff1bda1f7c21e800 R08: 0000000000000000 R09: ff1c823ac2307670\n R10: ff1c823ac2307668 R11: ffffffff8a9e7b68 R12: 0000000000000000\n R13: 0000000000000000 R14: ff1bda1f43e341a0 R15: 00000000ffffffea\n FS: 00007f56eba7c740(0000) GS:ff1bda269f800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000104d90001 CR4: 0000000000771ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa]\n ? __die_body.cold+0x8/0xd\n ? page_fault_oops+0x134/0x170\n ? __irq_work_queue_local+0x2b/0xc0\n ? irq_work_queue+0x2c/0x50\n ? exc_page_fault+0x62/0x150\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_mlx5_vdpa_free+0x10/0x10 [mlx5_vdpa]\n ? vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb]\n mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa]\n vdpa_release_dev+0x1e/0x50 [vdpa]\n device_release+0x31/0x90\n kobject_cleanup+0x37/0x130\n mlx5_vdpa_dev_add+0x2d2/0x7a0 [mlx5_vdpa]\n vdpa_nl_cmd_dev_add_set_doit+0x277/0x4c0 [vdpa]\n genl_family_rcv_msg_doit+0xd9/0x130\n genl_family_rcv_msg+0x14d/0x220\n ? __pfx_vdpa_nl_cmd_dev_add_set_doit+0x10/0x10 [vdpa]\n ? _copy_to_user+0x1a/0x30\n ? move_addr_to_user+0x4b/0xe0\n genl_rcv_msg+0x47/0xa0\n ? __import_iovec+0x46/0x150\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x245/0x370\n netlink_sendmsg+0x206/0x440\n __sys_sendto+0x1dc/0x1f0\n ? do_read_fault+0x10c/0x1d0\n ? do_pte_missing+0x10d/0x190\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x5c/0xf0\n ? __count_memcg_events+0x4f/0xb0\n ? mm_account_fault+0x6c/0x100\n ? handle_mm_fault+0x116/0x270\n ? do_user_addr_fault+0x1d6/0x6a0\n ? do_syscall_64+0x6b/0xf0\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0x80", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47687", url: "https://www.suse.com/security/cve/CVE-2024-47687", }, { category: "external", summary: "SUSE Bug 1232003 for CVE-2024-47687", url: "https://bugzilla.suse.com/1232003", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47687", }, { cve: "CVE-2024-47688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47688", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: Fix a potential null-ptr-deref in module_add_driver()\n\nInject fault while probing of-fpga-region, if kasprintf() fails in\nmodule_add_driver(), the second sysfs_remove_link() in exit path will cause\nnull-ptr-deref as below because kernfs_name_hash() will call strlen() with\nNULL driver_name.\n\nFix it by releasing resources based on the exit path sequence.\n\n\t KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n\t Mem abort info:\n\t ESR = 0x0000000096000005\n\t EC = 0x25: DABT (current EL), IL = 32 bits\n\t SET = 0, FnV = 0\n\t EA = 0, S1PTW = 0\n\t FSC = 0x05: level 1 translation fault\n\t Data abort info:\n\t ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n\t CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n\t GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n\t [dfffffc000000000] address between user and kernel address ranges\n\t Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n\t Dumping ftrace buffer:\n\t (ftrace buffer empty)\n\t Modules linked in: of_fpga_region(+) fpga_region fpga_bridge cfg80211 rfkill 8021q garp mrp stp llc ipv6 [last unloaded: of_fpga_region]\n\t CPU: 2 UID: 0 PID: 2036 Comm: modprobe Not tainted 6.11.0-rc2-g6a0e38264012 #295\n\t Hardware name: linux,dummy-virt (DT)\n\t pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\t pc : strlen+0x24/0xb0\n\t lr : kernfs_name_hash+0x1c/0xc4\n\t sp : ffffffc081f97380\n\t x29: ffffffc081f97380 x28: ffffffc081f97b90 x27: ffffff80c821c2a0\n\t x26: ffffffedac0be418 x25: 0000000000000000 x24: ffffff80c09d2000\n\t x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000\n\t x20: 0000000000000000 x19: 0000000000000000 x18: 0000000000001840\n\t x17: 0000000000000000 x16: 0000000000000000 x15: 1ffffff8103f2e42\n\t x14: 00000000f1f1f1f1 x13: 0000000000000004 x12: ffffffb01812d61d\n\t x11: 1ffffff01812d61c x10: ffffffb01812d61c x9 : dfffffc000000000\n\t x8 : 0000004fe7ed29e4 x7 : ffffff80c096b0e7 x6 : 0000000000000001\n\t x5 : ffffff80c096b0e0 x4 : 1ffffffdb990efa2 x3 : 0000000000000000\n\t x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000000\n\t Call trace:\n\t strlen+0x24/0xb0\n\t kernfs_name_hash+0x1c/0xc4\n\t kernfs_find_ns+0x118/0x2e8\n\t kernfs_remove_by_name_ns+0x80/0x100\n\t sysfs_remove_link+0x74/0xa8\n\t module_add_driver+0x278/0x394\n\t bus_add_driver+0x1f0/0x43c\n\t driver_register+0xf4/0x3c0\n\t __platform_driver_register+0x60/0x88\n\t of_fpga_region_init+0x20/0x1000 [of_fpga_region]\n\t do_one_initcall+0x110/0x788\n\t do_init_module+0x1dc/0x5c8\n\t load_module+0x3c38/0x4cac\n\t init_module_from_file+0xd4/0x128\n\t idempotent_init_module+0x2cc/0x528\n\t __arm64_sys_finit_module+0xac/0x100\n\t invoke_syscall+0x6c/0x258\n\t el0_svc_common.constprop.0+0x160/0x22c\n\t do_el0_svc+0x44/0x5c\n\t el0_svc+0x48/0xb8\n\t el0t_64_sync_handler+0x13c/0x158\n\t el0t_64_sync+0x190/0x194\n\t Code: f2fbffe1 a90157f4 12000802 aa0003f5 (38e16861)\n\t ---[ end trace 0000000000000000 ]---\n\t Kernel panic - not syncing: Oops: Fatal exception", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47688", url: "https://www.suse.com/security/cve/CVE-2024-47688", }, { category: "external", summary: "SUSE Bug 1232009 for CVE-2024-47688", url: "https://bugzilla.suse.com/1232009", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47688", }, { cve: "CVE-2024-47689", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47689", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()\n\nsyzbot reports a f2fs bug as below:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177 rcu_sync_dtor+0xcd/0x180 kernel/rcu/sync.c:177\nCPU: 1 UID: 0 PID: 58 Comm: kworker/1:2 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0\nWorkqueue: events destroy_super_work\nRIP: 0010:rcu_sync_dtor+0xcd/0x180 kernel/rcu/sync.c:177\nCall Trace:\n percpu_free_rwsem+0x41/0x80 kernel/locking/percpu-rwsem.c:42\n destroy_super_work+0xec/0x130 fs/super.c:282\n process_one_work kernel/workqueue.c:3231 [inline]\n process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312\n worker_thread+0x86d/0xd40 kernel/workqueue.c:3390\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nAs Christian Brauner pointed out [1]: the root cause is f2fs sets\nSB_RDONLY flag in internal function, rather than setting the flag\ncovered w/ sb->s_umount semaphore via remount procedure, then below\nrace condition causes this bug:\n\n- freeze_super()\n - sb_wait_write(sb, SB_FREEZE_WRITE)\n - sb_wait_write(sb, SB_FREEZE_PAGEFAULT)\n - sb_wait_write(sb, SB_FREEZE_FS)\n\t\t\t\t\t- f2fs_handle_critical_error\n\t\t\t\t\t - sb->s_flags |= SB_RDONLY\n- thaw_super\n - thaw_super_locked\n - sb_rdonly() is true, so it skips\n sb_freeze_unlock(sb, SB_FREEZE_FS)\n - deactivate_locked_super\n\nSince f2fs has almost the same logic as ext4 [2] when handling critical\nerror in filesystem if it mounts w/ errors=remount-ro option:\n- set CP_ERROR_FLAG flag which indicates filesystem is stopped\n- record errors to superblock\n- set SB_RDONLY falg\nOnce we set CP_ERROR_FLAG flag, all writable interfaces can detect the\nflag and stop any further updates on filesystem. So, it is safe to not\nset SB_RDONLY flag, let's remove the logic and keep in line w/ ext4 [3].\n\n[1] https://lore.kernel.org/all/20240729-himbeeren-funknetz-96e62f9c7aee@brauner\n[2] https://lore.kernel.org/all/20240729132721.hxih6ehigadqf7wx@quack3\n[3] https://lore.kernel.org/linux-ext4/20240805201241.27286-1-jack@suse.cz", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47689", url: "https://www.suse.com/security/cve/CVE-2024-47689", }, { category: "external", summary: "SUSE Bug 1232010 for CVE-2024-47689", url: "https://bugzilla.suse.com/1232010", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47689", }, { cve: "CVE-2024-47690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47690", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: get rid of online repaire on corrupted directory\n\nsyzbot reports a f2fs bug as below:\n\nkernel BUG at fs/f2fs/inode.c:896!\nRIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896\nCall Trace:\n evict+0x532/0x950 fs/inode.c:704\n dispose_list fs/inode.c:747 [inline]\n evict_inodes+0x5f9/0x690 fs/inode.c:797\n generic_shutdown_super+0x9d/0x2d0 fs/super.c:627\n kill_block_super+0x44/0x90 fs/super.c:1696\n kill_f2fs_super+0x344/0x690 fs/f2fs/super.c:4898\n deactivate_locked_super+0xc4/0x130 fs/super.c:473\n cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1373\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n ptrace_notify+0x2d2/0x380 kernel/signal.c:2402\n ptrace_report_syscall include/linux/ptrace.h:415 [inline]\n ptrace_report_syscall_exit include/linux/ptrace.h:477 [inline]\n syscall_exit_work+0xc6/0x190 kernel/entry/common.c:173\n syscall_exit_to_user_mode_prepare kernel/entry/common.c:200 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:205 [inline]\n syscall_exit_to_user_mode+0x279/0x370 kernel/entry/common.c:218\n do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896\n\nOnline repaire on corrupted directory in f2fs_lookup() can generate\ndirty data/meta while racing w/ readonly remount, it may leave dirty\ninode after filesystem becomes readonly, however, checkpoint() will\nskips flushing dirty inode in a state of readonly mode, result in\nabove panic.\n\nLet's get rid of online repaire in f2fs_lookup(), and leave the work\nto fsck.f2fs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47690", url: "https://www.suse.com/security/cve/CVE-2024-47690", }, { category: "external", summary: "SUSE Bug 1232011 for CVE-2024-47690", url: "https://bugzilla.suse.com/1232011", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47690", }, { cve: "CVE-2024-47691", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47691", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()\n\nsyzbot reports a f2fs bug as below:\n\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_report+0xe8/0x550 mm/kasan/report.c:491\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n instrument_atomic_read_write include/linux/instrumented.h:96 [inline]\n atomic_fetch_add_relaxed include/linux/atomic/atomic-instrumented.h:252 [inline]\n __refcount_add include/linux/refcount.h:184 [inline]\n __refcount_inc include/linux/refcount.h:241 [inline]\n refcount_inc include/linux/refcount.h:258 [inline]\n get_task_struct include/linux/sched/task.h:118 [inline]\n kthread_stop+0xca/0x630 kernel/kthread.c:704\n f2fs_stop_gc_thread+0x65/0xb0 fs/f2fs/gc.c:210\n f2fs_do_shutdown+0x192/0x540 fs/f2fs/file.c:2283\n f2fs_ioc_shutdown fs/f2fs/file.c:2325 [inline]\n __f2fs_ioctl+0x443a/0xbe60 fs/f2fs/file.c:4325\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe root cause is below race condition, it may cause use-after-free\nissue in sbi->gc_th pointer.\n\n- remount\n - f2fs_remount\n - f2fs_stop_gc_thread\n - kfree(gc_th)\n\t\t\t\t- f2fs_ioc_shutdown\n\t\t\t\t - f2fs_do_shutdown\n\t\t\t\t - f2fs_stop_gc_thread\n\t\t\t\t - kthread_stop(gc_th->f2fs_gc_task)\n : sbi->gc_thread = NULL;\n\nWe will call f2fs_do_shutdown() in two paths:\n- for f2fs_ioc_shutdown() path, we should grab sb->s_umount semaphore\nfor fixing.\n- for f2fs_shutdown() path, it's safe since caller has already grabbed\nsb->s_umount semaphore.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47691", url: "https://www.suse.com/security/cve/CVE-2024-47691", }, { category: "external", summary: "SUSE Bug 1232012 for CVE-2024-47691", url: "https://bugzilla.suse.com/1232012", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47691", }, { cve: "CVE-2024-47692", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47692", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: return -EINVAL when namelen is 0\n\nWhen we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may\nresult in namelen being 0, which will cause memdup_user() to return\nZERO_SIZE_PTR.\nWhen we access the name.data that has been assigned the value of\nZERO_SIZE_PTR in nfs4_client_to_reclaim(), null pointer dereference is\ntriggered.\n\n[ T1205] ==================================================================\n[ T1205] BUG: KASAN: null-ptr-deref in nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] Read of size 1 at addr 0000000000000010 by task nfsdcld/1205\n[ T1205]\n[ T1205] CPU: 11 PID: 1205 Comm: nfsdcld Not tainted 5.10.0-00003-g2c1423731b8d #406\n[ T1205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\n[ T1205] Call Trace:\n[ T1205] dump_stack+0x9a/0xd0\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] __kasan_report.cold+0x34/0x84\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] kasan_report+0x3a/0x50\n[ T1205] nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] ? nfsd4_release_lockowner+0x410/0x410\n[ T1205] cld_pipe_downcall+0x5ca/0x760\n[ T1205] ? nfsd4_cld_tracking_exit+0x1d0/0x1d0\n[ T1205] ? down_write_killable_nested+0x170/0x170\n[ T1205] ? avc_policy_seqno+0x28/0x40\n[ T1205] ? selinux_file_permission+0x1b4/0x1e0\n[ T1205] rpc_pipe_write+0x84/0xb0\n[ T1205] vfs_write+0x143/0x520\n[ T1205] ksys_write+0xc9/0x170\n[ T1205] ? __ia32_sys_read+0x50/0x50\n[ T1205] ? ktime_get_coarse_real_ts64+0xfe/0x110\n[ T1205] ? ktime_get_coarse_real_ts64+0xa2/0x110\n[ T1205] do_syscall_64+0x33/0x40\n[ T1205] entry_SYSCALL_64_after_hwframe+0x67/0xd1\n[ T1205] RIP: 0033:0x7fdbdb761bc7\n[ T1205] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 514\n[ T1205] RSP: 002b:00007fff8c4b7248 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ T1205] RAX: ffffffffffffffda RBX: 000000000000042b RCX: 00007fdbdb761bc7\n[ T1205] RDX: 000000000000042b RSI: 00007fff8c4b75f0 RDI: 0000000000000008\n[ T1205] RBP: 00007fdbdb761bb0 R08: 0000000000000000 R09: 0000000000000001\n[ T1205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000042b\n[ T1205] R13: 0000000000000008 R14: 00007fff8c4b75f0 R15: 0000000000000000\n[ T1205] ==================================================================\n\nFix it by checking namelen.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47692", url: "https://www.suse.com/security/cve/CVE-2024-47692", }, { category: "external", summary: "SUSE Bug 1231857 for CVE-2024-47692", url: "https://bugzilla.suse.com/1231857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47692", }, { cve: "CVE-2024-47693", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47693", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/core: Fix ib_cache_setup_one error flow cleanup\n\nWhen ib_cache_update return an error, we exit ib_cache_setup_one\ninstantly with no proper cleanup, even though before this we had\nalready successfully done gid_table_setup_one, that results in\nthe kernel WARN below.\n\nDo proper cleanup using gid_table_cleanup_one before returning\nthe err in order to fix the issue.\n\nWARNING: CPU: 4 PID: 922 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x181/0x1a0\nModules linked in:\nCPU: 4 UID: 0 PID: 922 Comm: c_repro Not tainted 6.11.0-rc1+ #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:gid_table_release_one+0x181/0x1a0\nCode: 44 8b 38 75 0c e8 2f cb 34 ff 4d 8b b5 28 05 00 00 e8 23 cb 34 ff 44 89 f9 89 da 4c 89 f6 48 c7 c7 d0 58 14 83 e8 4f de 21 ff <0f> 0b 4c 8b 75 30 e9 54 ff ff ff 48 8 3 c4 10 5b 5d 41 5c 41 5d 41\nRSP: 0018:ffffc90002b835b0 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c8527\nRDX: 0000000000000000 RSI: ffffffff811c8534 RDI: 0000000000000001\nRBP: ffff8881011b3d00 R08: ffff88810b3abe00 R09: 205d303839303631\nR10: 666572207972746e R11: 72746e6520444947 R12: 0000000000000001\nR13: ffff888106390000 R14: ffff8881011f2110 R15: 0000000000000001\nFS: 00007fecc3b70800(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000340 CR3: 000000010435a001 CR4: 00000000003706b0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n ? show_regs+0x94/0xa0\n ? __warn+0x9e/0x1c0\n ? gid_table_release_one+0x181/0x1a0\n ? report_bug+0x1f9/0x340\n ? gid_table_release_one+0x181/0x1a0\n ? handle_bug+0xa2/0x110\n ? exc_invalid_op+0x31/0xa0\n ? asm_exc_invalid_op+0x16/0x20\n ? __warn_printk+0xc7/0x180\n ? __warn_printk+0xd4/0x180\n ? gid_table_release_one+0x181/0x1a0\n ib_device_release+0x71/0xe0\n ? __pfx_ib_device_release+0x10/0x10\n device_release+0x44/0xd0\n kobject_put+0x135/0x3d0\n put_device+0x20/0x30\n rxe_net_add+0x7d/0xa0\n rxe_newlink+0xd7/0x190\n nldev_newlink+0x1b0/0x2a0\n ? __pfx_nldev_newlink+0x10/0x10\n rdma_nl_rcv_msg+0x1ad/0x2e0\n rdma_nl_rcv_skb.constprop.0+0x176/0x210\n netlink_unicast+0x2de/0x400\n netlink_sendmsg+0x306/0x660\n __sock_sendmsg+0x110/0x120\n ____sys_sendmsg+0x30e/0x390\n ___sys_sendmsg+0x9b/0xf0\n ? kstrtouint+0x6e/0xa0\n ? kstrtouint_from_user+0x7c/0xb0\n ? get_pid_task+0xb0/0xd0\n ? proc_fail_nth_write+0x5b/0x140\n ? __fget_light+0x9a/0x200\n ? preempt_count_add+0x47/0xa0\n __sys_sendmsg+0x61/0xd0\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47693", url: "https://www.suse.com/security/cve/CVE-2024-47693", }, { category: "external", summary: "SUSE Bug 1232013 for CVE-2024-47693", url: "https://bugzilla.suse.com/1232013", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-47693", }, { cve: "CVE-2024-47694", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47694", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix UMR pd cleanup on error flow of driver init\n\nThe cited commit moves the pd allocation from function\nmlx5r_umr_resource_cleanup() to a new function mlx5r_umr_cleanup().\nSo the fix in commit [1] is broken. In error flow, will hit panic [2].\n\nFix it by checking pd pointer to avoid panic if it is NULL;\n\n[1] RDMA/mlx5: Fix UMR cleanup on error flow of driver init\n[2]\n [ 347.567063] infiniband mlx5_0: Couldn't register device with driver model\n [ 347.591382] BUG: kernel NULL pointer dereference, address: 0000000000000020\n [ 347.593438] #PF: supervisor read access in kernel mode\n [ 347.595176] #PF: error_code(0x0000) - not-present page\n [ 347.596962] PGD 0 P4D 0\n [ 347.601361] RIP: 0010:ib_dealloc_pd_user+0x12/0xc0 [ib_core]\n [ 347.604171] RSP: 0018:ffff888106293b10 EFLAGS: 00010282\n [ 347.604834] RAX: 0000000000000000 RBX: 000000000000000e RCX: 0000000000000000\n [ 347.605672] RDX: ffff888106293ad0 RSI: 0000000000000000 RDI: 0000000000000000\n [ 347.606529] RBP: 0000000000000000 R08: ffff888106293ae0 R09: ffff888106293ae0\n [ 347.607379] R10: 0000000000000a06 R11: 0000000000000000 R12: 0000000000000000\n [ 347.608224] R13: ffffffffa0704dc0 R14: 0000000000000001 R15: 0000000000000001\n [ 347.609067] FS: 00007fdc720cd9c0(0000) GS:ffff88852c880000(0000) knlGS:0000000000000000\n [ 347.610094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 347.610727] CR2: 0000000000000020 CR3: 0000000103012003 CR4: 0000000000370eb0\n [ 347.611421] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [ 347.612113] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n [ 347.612804] Call Trace:\n [ 347.613130] <TASK>\n [ 347.613417] ? __die+0x20/0x60\n [ 347.613793] ? page_fault_oops+0x150/0x3e0\n [ 347.614243] ? free_msg+0x68/0x80 [mlx5_core]\n [ 347.614840] ? cmd_exec+0x48f/0x11d0 [mlx5_core]\n [ 347.615359] ? exc_page_fault+0x74/0x130\n [ 347.615808] ? asm_exc_page_fault+0x22/0x30\n [ 347.616273] ? ib_dealloc_pd_user+0x12/0xc0 [ib_core]\n [ 347.616801] mlx5r_umr_cleanup+0x23/0x90 [mlx5_ib]\n [ 347.617365] mlx5_ib_stage_pre_ib_reg_umr_cleanup+0x36/0x40 [mlx5_ib]\n [ 347.618025] __mlx5_ib_add+0x96/0xd0 [mlx5_ib]\n [ 347.618539] mlx5r_probe+0xe9/0x310 [mlx5_ib]\n [ 347.619032] ? kernfs_add_one+0x107/0x150\n [ 347.619478] ? __mlx5_ib_add+0xd0/0xd0 [mlx5_ib]\n [ 347.619984] auxiliary_bus_probe+0x3e/0x90\n [ 347.620448] really_probe+0xc5/0x3a0\n [ 347.620857] __driver_probe_device+0x80/0x160\n [ 347.621325] driver_probe_device+0x1e/0x90\n [ 347.621770] __driver_attach+0xec/0x1c0\n [ 347.622213] ? __device_attach_driver+0x100/0x100\n [ 347.622724] bus_for_each_dev+0x71/0xc0\n [ 347.623151] bus_add_driver+0xed/0x240\n [ 347.623570] driver_register+0x58/0x100\n [ 347.623998] __auxiliary_driver_register+0x6a/0xc0\n [ 347.624499] ? driver_register+0xae/0x100\n [ 347.624940] ? 0xffffffffa0893000\n [ 347.625329] mlx5_ib_init+0x16a/0x1e0 [mlx5_ib]\n [ 347.625845] do_one_initcall+0x4a/0x2a0\n [ 347.626273] ? gcov_event+0x2e2/0x3a0\n [ 347.626706] do_init_module+0x8a/0x260\n [ 347.627126] init_module_from_file+0x8b/0xd0\n [ 347.627596] __x64_sys_finit_module+0x1ca/0x2f0\n [ 347.628089] do_syscall_64+0x4c/0x100", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47694", url: "https://www.suse.com/security/cve/CVE-2024-47694", }, { category: "external", summary: "SUSE Bug 1232014 for CVE-2024-47694", url: "https://bugzilla.suse.com/1232014", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47694", }, { cve: "CVE-2024-47695", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47695", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds\n\nIn the function init_conns(), after the create_con() and create_cm() for\nloop if something fails. In the cleanup for loop after the destroy tag, we\naccess out of bound memory because cid is set to clt_path->s.con_num.\n\nThis commits resets the cid to clt_path->s.con_num - 1, to stay in bounds\nin the cleanup loop later.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47695", url: "https://www.suse.com/security/cve/CVE-2024-47695", }, { category: "external", summary: "SUSE Bug 1231931 for CVE-2024-47695", url: "https://bugzilla.suse.com/1231931", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47695", }, { cve: "CVE-2024-47696", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47696", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency\n\nIn the commit aee2424246f9 (\"RDMA/iwcm: Fix a use-after-free related to\ndestroying CM IDs\"), the function flush_workqueue is invoked to flush the\nwork queue iwcm_wq.\n\nBut at that time, the work queue iwcm_wq was created via the function\nalloc_ordered_workqueue without the flag WQ_MEM_RECLAIM.\n\nBecause the current process is trying to flush the whole iwcm_wq, if\niwcm_wq doesn't have the flag WQ_MEM_RECLAIM, verify that the current\nprocess is not reclaiming memory or running on a workqueue which doesn't\nhave the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee\nleading to a deadlock.\n\nThe call trace is as below:\n\n[ 125.350876][ T1430] Call Trace:\n[ 125.356281][ T1430] <TASK>\n[ 125.361285][ T1430] ? __warn (kernel/panic.c:693)\n[ 125.367640][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.375689][ T1430] ? report_bug (lib/bug.c:180 lib/bug.c:219)\n[ 125.382505][ T1430] ? handle_bug (arch/x86/kernel/traps.c:239)\n[ 125.388987][ T1430] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n[ 125.395831][ T1430] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 125.403125][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.410984][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.418764][ T1430] __flush_workqueue (kernel/workqueue.c:3970)\n[ 125.426021][ T1430] ? __pfx___might_resched (kernel/sched/core.c:10151)\n[ 125.433431][ T1430] ? destroy_cm_id (drivers/infiniband/core/iwcm.c:375) iw_cm\n[ 125.441209][ T1430] ? __pfx___flush_workqueue (kernel/workqueue.c:3910)\n[ 125.473900][ T1430] ? _raw_spin_lock_irqsave (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 125.473909][ T1430] ? __pfx__raw_spin_lock_irqsave (kernel/locking/spinlock.c:161)\n[ 125.482537][ T1430] _destroy_id (drivers/infiniband/core/cma.c:2044) rdma_cm\n[ 125.495072][ T1430] nvme_rdma_free_queue (drivers/nvme/host/rdma.c:656 drivers/nvme/host/rdma.c:650) nvme_rdma\n[ 125.505827][ T1430] nvme_rdma_reset_ctrl_work (drivers/nvme/host/rdma.c:2180) nvme_rdma\n[ 125.505831][ T1430] process_one_work (kernel/workqueue.c:3231)\n[ 125.515122][ T1430] worker_thread (kernel/workqueue.c:3306 kernel/workqueue.c:3393)\n[ 125.515127][ T1430] ? __pfx_worker_thread (kernel/workqueue.c:3339)\n[ 125.531837][ T1430] kthread (kernel/kthread.c:389)\n[ 125.539864][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.550628][ T1430] ret_from_fork (arch/x86/kernel/process.c:147)\n[ 125.558840][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.558844][ T1430] ret_from_fork_asm (arch/x86/entry/entry_64.S:257)\n[ 125.566487][ T1430] </TASK>\n[ 125.566488][ T1430] ---[ end trace 0000000000000000 ]---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47696", url: "https://www.suse.com/security/cve/CVE-2024-47696", }, { category: "external", summary: "SUSE Bug 1231864 for CVE-2024-47696", url: "https://bugzilla.suse.com/1231864", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47696", }, { cve: "CVE-2024-47697", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47697", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error\n\nEnsure index in rtl2830_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev->filters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index > 32 to index >= 32 to resolve this\nissue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47697", url: "https://www.suse.com/security/cve/CVE-2024-47697", }, { category: "external", summary: "SUSE Bug 1231858 for CVE-2024-47697", url: "https://bugzilla.suse.com/1231858", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47697", }, { cve: "CVE-2024-47698", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47698", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error\n\nEnsure index in rtl2832_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev->filters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index > 32 to index >= 32 to resolve this\nissue.\n\n[hverkuil: added fixes tag, rtl2830_pid_filter -> rtl2832_pid_filter in logmsg]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47698", url: "https://www.suse.com/security/cve/CVE-2024-47698", }, { category: "external", summary: "SUSE Bug 1231859 for CVE-2024-47698", url: "https://bugzilla.suse.com/1231859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47698", }, { cve: "CVE-2024-47699", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47699", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential null-ptr-deref in nilfs_btree_insert()\n\nPatch series \"nilfs2: fix potential issues with empty b-tree nodes\".\n\nThis series addresses three potential issues with empty b-tree nodes that\ncan occur with corrupted filesystem images, including one recently\ndiscovered by syzbot.\n\n\nThis patch (of 3):\n\nIf a b-tree is broken on the device, and the b-tree height is greater than\n2 (the level of the root node is greater than 1) even if the number of\nchild nodes of the b-tree root is 0, a NULL pointer dereference occurs in\nnilfs_btree_prepare_insert(), which is called from nilfs_btree_insert().\n\nThis is because, when the number of child nodes of the b-tree root is 0,\nnilfs_btree_do_lookup() does not set the block buffer head in any of\npath[x].bp_bh, leaving it as the initial value of NULL, but if the level\nof the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(),\nwhich accesses the buffer memory of path[x].bp_bh, is called.\n\nFix this issue by adding a check to nilfs_btree_root_broken(), which\nperforms sanity checks when reading the root node from the device, to\ndetect this inconsistency.\n\nThanks to Lizhi Xu for trying to solve the bug and clarifying the cause\nearly on.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47699", url: "https://www.suse.com/security/cve/CVE-2024-47699", }, { category: "external", summary: "SUSE Bug 1231916 for CVE-2024-47699", url: "https://bugzilla.suse.com/1231916", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47699", }, { cve: "CVE-2024-47700", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47700", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: check stripe size compatibility on remount as well\n\nWe disable stripe size in __ext4_fill_super if it is not a multiple of\nthe cluster ratio however this check is missed when trying to remount.\nThis can leave us with cases where stripe < cluster_ratio after\nremount:set making EXT4_B2C(sbi->s_stripe) become 0 that can cause some\nunforeseen bugs like divide by 0.\n\nFix that by adding the check in remount path as well.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47700", url: "https://www.suse.com/security/cve/CVE-2024-47700", }, { category: "external", summary: "SUSE Bug 1231919 for CVE-2024-47700", url: "https://bugzilla.suse.com/1231919", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47700", }, { cve: "CVE-2024-47701", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47701", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n </TASK>\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47701", url: "https://www.suse.com/security/cve/CVE-2024-47701", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-47701", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1231920 for CVE-2024-47701", url: "https://bugzilla.suse.com/1231920", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47701", }, { cve: "CVE-2024-47702", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47702", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fail verification for sign-extension of packet data/data_end/data_meta\n\nsyzbot reported a kernel crash due to\n commit 1f1e864b6555 (\"bpf: Handle sign-extenstin ctx member accesses\").\nThe reason is due to sign-extension of 32-bit load for\npacket data/data_end/data_meta uapi field.\n\nThe original code looks like:\n r2 = *(s32 *)(r1 + 76) /* load __sk_buff->data */\n r3 = *(u32 *)(r1 + 80) /* load __sk_buff->data_end */\n r0 = r2\n r0 += 8\n if r3 > r0 goto +1\n ...\nNote that __sk_buff->data load has 32-bit sign extension.\n\nAfter verification and convert_ctx_accesses(), the final asm code looks like:\n r2 = *(u64 *)(r1 +208)\n r2 = (s32)r2\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 > r0 goto pc+1\n ...\nNote that 'r2 = (s32)r2' may make the kernel __sk_buff->data address invalid\nwhich may cause runtime failure.\n\nCurrently, in C code, typically we have\n void *data = (void *)(long)skb->data;\n void *data_end = (void *)(long)skb->data_end;\n ...\nand it will generate\n r2 = *(u64 *)(r1 +208)\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 > r0 goto pc+1\n\nIf we allow sign-extension,\n void *data = (void *)(long)(int)skb->data;\n void *data_end = (void *)(long)skb->data_end;\n ...\nthe generated code looks like\n r2 = *(u64 *)(r1 +208)\n r2 <<= 32\n r2 s>>= 32\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 > r0 goto pc+1\nand this will cause verification failure since \"r2 <<= 32\" is not allowed\nas \"r2\" is a packet pointer.\n\nTo fix this issue for case\n r2 = *(s32 *)(r1 + 76) /* load __sk_buff->data */\nthis patch added additional checking in is_valid_access() callback\nfunction for packet data/data_end/data_meta access. If those accesses\nare with sign-extenstion, the verification will fail.\n\n [1] https://lore.kernel.org/bpf/000000000000c90eee061d236d37@google.com/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47702", url: "https://www.suse.com/security/cve/CVE-2024-47702", }, { category: "external", summary: "SUSE Bug 1231924 for CVE-2024-47702", url: "https://bugzilla.suse.com/1231924", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47702", }, { cve: "CVE-2024-47703", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47703", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, lsm: Add check for BPF LSM return value\n\nA bpf prog returning a positive number attached to file_alloc_security\nhook makes kernel panic.\n\nThis happens because file system can not filter out the positive number\nreturned by the LSM prog using IS_ERR, and misinterprets this positive\nnumber as a file pointer.\n\nGiven that hook file_alloc_security never returned positive number\nbefore the introduction of BPF LSM, and other BPF LSM hooks may\nencounter similar issues, this patch adds LSM return value check\nin verifier, to ensure no unexpected value is returned.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47703", url: "https://www.suse.com/security/cve/CVE-2024-47703", }, { category: "external", summary: "SUSE Bug 1231946 for CVE-2024-47703", url: "https://bugzilla.suse.com/1231946", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47703", }, { cve: "CVE-2024-47704", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47704", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check link_res->hpo_dp_link_enc before using it\n\n[WHAT & HOW]\nFunctions dp_enable_link_phy and dp_disable_link_phy can pass link_res\nwithout initializing hpo_dp_link_enc and it is necessary to check for\nnull before dereferencing.\n\nThis fixes 2 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47704", url: "https://www.suse.com/security/cve/CVE-2024-47704", }, { category: "external", summary: "SUSE Bug 1231944 for CVE-2024-47704", url: "https://bugzilla.suse.com/1231944", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47704", }, { cve: "CVE-2024-47705", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47705", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix potential invalid pointer dereference in blk_add_partition\n\nThe blk_add_partition() function initially used a single if-condition\n(IS_ERR(part)) to check for errors when adding a partition. This was\nmodified to handle the specific case of -ENXIO separately, allowing the\nfunction to proceed without logging the error in this case. However,\nthis change unintentionally left a path where md_autodetect_dev()\ncould be called without confirming that part is a valid pointer.\n\nThis commit separates the error handling logic by splitting the\ninitial if-condition, improving code readability and handling specific\nerror scenarios explicitly. The function now distinguishes the general\nerror case from -ENXIO without altering the existing behavior of\nmd_autodetect_dev() calls.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47705", url: "https://www.suse.com/security/cve/CVE-2024-47705", }, { category: "external", summary: "SUSE Bug 1231872 for CVE-2024-47705", url: "https://bugzilla.suse.com/1231872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47705", }, { cve: "CVE-2024-47706", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47706", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix possible UAF for bfqq->bic with merge chain\n\n1) initial state, three tasks:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | Λ | Λ\t\t | Λ\n\t\t | | | |\t\t | |\n\t\t V | V |\t\t V |\n\t\t bfqq1 bfqq2\t\t bfqq3\nprocess ref:\t 1\t\t 1\t\t 1\n\n2) bfqq1 merged to bfqq2:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | |\t\t | Λ\n\t\t \\--------------\\|\t\t | |\n\t\t V\t\t V |\n\t\t bfqq1--------->bfqq2\t\t bfqq3\nprocess ref:\t 0\t\t 2\t\t 1\n\n3) bfqq2 merged to bfqq3:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t here -> Λ |\t\t |\n\t\t \\--------------\\ \\-------------\\|\n\t\t V\t\t V\n\t\t bfqq1--------->bfqq2---------->bfqq3\nprocess ref:\t 0\t\t 1\t\t 3\n\nIn this case, IO from Process 1 will get bfqq2 from BIC1 first, and then\nget bfqq3 through merge chain, and finially handle IO by bfqq3.\nHowerver, current code will think bfqq2 is owned by BIC1, like initial\nstate, and set bfqq2->bic to BIC1.\n\nbfq_insert_request\n-> by Process 1\n bfqq = bfq_init_rq(rq)\n bfqq = bfq_get_bfqq_handle_split\n bfqq = bic_to_bfqq\n -> get bfqq2 from BIC1\n bfqq->ref++\n rq->elv.priv[0] = bic\n rq->elv.priv[1] = bfqq\n if (bfqq_process_refs(bfqq) == 1)\n bfqq->bic = bic\n -> record BIC1 to bfqq2\n\n __bfq_insert_request\n new_bfqq = bfq_setup_cooperator\n -> get bfqq3 from bfqq2->new_bfqq\n bfqq_request_freed(bfqq)\n new_bfqq->ref++\n rq->elv.priv[1] = new_bfqq\n -> handle IO by bfqq3\n\nFix the problem by checking bfqq is from merge chain fist. And this\nmight fix a following problem reported by our syzkaller(unreproducible):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\nBUG: KASAN: slab-use-after-free in bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\nBUG: KASAN: slab-use-after-free in bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\nWrite of size 1 at addr ffff888123839eb8 by task kworker/0:1H/18595\n\nCPU: 0 PID: 18595 Comm: kworker/0:1H Tainted: G L 6.6.0-07439-gba2303cacfda #6\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nWorkqueue: kblockd blk_mq_requeue_work\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0x10d/0x610 mm/kasan/report.c:475\n kasan_report+0x8e/0xc0 mm/kasan/report.c:588\n bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\n bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\n bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\n bfq_get_bfqq_handle_split+0x169/0x5d0 block/bfq-iosched.c:6757\n bfq_init_rq block/bfq-iosched.c:6876 [inline]\n bfq_insert_request block/bfq-iosched.c:6254 [inline]\n bfq_insert_requests+0x1112/0x5cf0 block/bfq-iosched.c:6304\n blk_mq_insert_request+0x290/0x8d0 block/blk-mq.c:2593\n blk_mq_requeue_work+0x6bc/0xa70 block/blk-mq.c:1502\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700\n worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781\n kthread+0x33c/0x440 kernel/kthread.c:388\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305\n </TASK>\n\nAllocated by task 20776:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:763 [inline]\n slab_alloc_node mm/slub.c:3458 [inline]\n kmem_cache_alloc_node+0x1a4/0x6f0 mm/slub.c:3503\n ioc_create_icq block/blk-ioc.c:370 [inline]\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47706", url: "https://www.suse.com/security/cve/CVE-2024-47706", }, { category: "external", summary: "SUSE Bug 1231942 for CVE-2024-47706", url: "https://bugzilla.suse.com/1231942", }, { category: "external", summary: "SUSE Bug 1231943 for CVE-2024-47706", url: "https://bugzilla.suse.com/1231943", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47706", }, { cve: "CVE-2024-47707", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47707", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()\n\nBlamed commit accidentally removed a check for rt->rt6i_idev being NULL,\nas spotted by syzbot:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 1 UID: 0 PID: 10998 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00208-g625403177711 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline]\n RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914\nCode: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06\nRSP: 0018:ffffc900047374e0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0\nRBP: ffffc900047375d0 R08: 0000000000000003 R09: fffff520008e6e8c\nR10: dffffc0000000000 R11: fffff520008e6e8c R12: 1ffff1100fdf8f18\nR13: ffff88807efc7998 R14: 0000000000000000 R15: ffff88807efc7930\nFS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020002a80 CR3: 0000000022f62000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n addrconf_ifdown+0x15d/0x1bd0 net/ipv6/addrconf.c:3856\n addrconf_notify+0x3cb/0x1020\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n unregister_netdevice_many_notify+0xd81/0x1c40 net/core/dev.c:11352\n unregister_netdevice_many net/core/dev.c:11414 [inline]\n unregister_netdevice_queue+0x303/0x370 net/core/dev.c:11289\n unregister_netdevice include/linux/netdevice.h:3129 [inline]\n __tun_detach+0x6b9/0x1600 drivers/net/tun.c:685\n tun_detach drivers/net/tun.c:701 [inline]\n tun_chr_close+0x108/0x1b0 drivers/net/tun.c:3510\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:882\n do_group_exit+0x207/0x2c0 kernel/exit.c:1031\n __do_sys_exit_group kernel/exit.c:1042 [inline]\n __se_sys_exit_group kernel/exit.c:1040 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f1acc77def9\nCode: Unable to access opcode bytes at 0x7f1acc77decf.\nRSP: 002b:00007ffeb26fa738 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1acc77def9\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043\nRBP: 00007f1acc7dd508 R08: 00007ffeb26f84d7 R09: 0000000000000003\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 0000000000000003 R14: 00000000ffffffff R15: 00007ffeb26fa8e0\n </TASK>\nModules linked in:\n---[ end trace 0000000000000000 ]---\n RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline]\n RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914\nCode: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06\nRSP: 0018:ffffc900047374e0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0\nR\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47707", url: "https://www.suse.com/security/cve/CVE-2024-47707", }, { category: "external", summary: "SUSE Bug 1231935 for CVE-2024-47707", url: "https://bugzilla.suse.com/1231935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47707", }, { cve: "CVE-2024-47708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47708", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetkit: Assign missing bpf_net_context\n\nDuring the introduction of struct bpf_net_context handling for\nXDP-redirect, the netkit driver has been missed, which also requires it\nbecause NETKIT_REDIRECT invokes skb_do_redirect() which is accessing the\nper-CPU variables. Otherwise we see the following crash:\n\n\tBUG: kernel NULL pointer dereference, address: 0000000000000038\n\tbpf_redirect()\n\tnetkit_xmit()\n\tdev_hard_start_xmit()\n\nSet the bpf_net_context before invoking netkit_xmit() program within the\nnetkit driver.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47708", url: "https://www.suse.com/security/cve/CVE-2024-47708", }, { category: "external", summary: "SUSE Bug 1231933 for CVE-2024-47708", url: "https://bugzilla.suse.com/1231933", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47708", }, { cve: "CVE-2024-47709", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47709", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Clear bo->bcm_proc_read after remove_proc_entry().\n\nsyzbot reported a warning in bcm_release(). [0]\n\nThe blamed change fixed another warning that is triggered when\nconnect() is issued again for a socket whose connect()ed device has\nbeen unregistered.\n\nHowever, if the socket is just close()d without the 2nd connect(), the\nremaining bo->bcm_proc_read triggers unnecessary remove_proc_entry()\nin bcm_release().\n\nLet's clear bo->bcm_proc_read after remove_proc_entry() in bcm_notify().\n\n[0]\nname '4986'\nWARNING: CPU: 0 PID: 5234 at fs/proc/generic.c:711 remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nModules linked in:\nCPU: 0 UID: 0 PID: 5234 Comm: syz-executor606 Not tainted 6.11.0-rc5-syzkaller-00178-g5517ae241919 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nCode: ff eb 05 e8 cb 1e 5e ff 48 8b 5c 24 10 48 c7 c7 e0 f7 aa 8e e8 2a 38 8e 09 90 48 c7 c7 60 3a 1b 8c 48 89 de e8 da 42 20 ff 90 <0f> 0b 90 90 48 8b 44 24 18 48 c7 44 24 40 0e 36 e0 45 49 c7 04 07\nRSP: 0018:ffffc9000345fa20 EFLAGS: 00010246\nRAX: 2a2d0aee2eb64600 RBX: ffff888032f1f548 RCX: ffff888029431e00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc9000345fb08 R08: ffffffff8155b2f2 R09: 1ffff1101710519a\nR10: dffffc0000000000 R11: ffffed101710519b R12: ffff888011d38640\nR13: 0000000000000004 R14: 0000000000000000 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fcfb52722f0 CR3: 000000000e734000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n bcm_release+0x250/0x880 net/can/bcm.c:1578\n __sock_release net/socket.c:659 [inline]\n sock_close+0xbc/0x240 net/socket.c:1421\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:882\n do_group_exit+0x207/0x2c0 kernel/exit.c:1031\n __do_sys_exit_group kernel/exit.c:1042 [inline]\n __se_sys_exit_group kernel/exit.c:1040 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcfb51ee969\nCode: Unable to access opcode bytes at 0x7fcfb51ee93f.\nRSP: 002b:00007ffce0109ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcfb51ee969\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001\nRBP: 00007fcfb526f3b0 R08: ffffffffffffffb8 R09: 0000555500000000\nR10: 0000555500000000 R11: 0000000000000246 R12: 00007fcfb526f3b0\nR13: 0000000000000000 R14: 00007fcfb5271ee0 R15: 00007fcfb51bf160\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47709", url: "https://www.suse.com/security/cve/CVE-2024-47709", }, { category: "external", summary: "SUSE Bug 1232048 for CVE-2024-47709", url: "https://bugzilla.suse.com/1232048", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47709", }, { cve: "CVE-2024-47710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47710", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsock_map: Add a cond_resched() in sock_hash_free()\n\nSeveral syzbot soft lockup reports all have in common sock_hash_free()\n\nIf a map with a large number of buckets is destroyed, we need to yield\nthe cpu when needed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47710", url: "https://www.suse.com/security/cve/CVE-2024-47710", }, { category: "external", summary: "SUSE Bug 1232049 for CVE-2024-47710", url: "https://bugzilla.suse.com/1232049", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-47710", }, { cve: "CVE-2024-47711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47711", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Don't return OOB skb in manage_oob().\n\nsyzbot reported use-after-free in unix_stream_recv_urg(). [0]\n\nThe scenario is\n\n 1. send(MSG_OOB)\n 2. recv(MSG_OOB)\n -> The consumed OOB remains in recv queue\n 3. send(MSG_OOB)\n 4. recv()\n -> manage_oob() returns the next skb of the consumed OOB\n -> This is also OOB, but unix_sk(sk)->oob_skb is not cleared\n 5. recv(MSG_OOB)\n -> unix_sk(sk)->oob_skb is used but already freed\n\nThe recent commit 8594d9b85c07 (\"af_unix: Don't call skb_get() for OOB\nskb.\") uncovered the issue.\n\nIf the OOB skb is consumed and the next skb is peeked in manage_oob(),\nwe still need to check if the skb is OOB.\n\nLet's do so by falling back to the following checks in manage_oob()\nand add the test case in selftest.\n\nNote that we need to add a similar check for SIOCATMARK.\n\n[0]:\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa6/0xb0 net/unix/af_unix.c:2959\nRead of size 4 at addr ffff8880326abcc4 by task syz-executor178/5235\n\nCPU: 0 UID: 0 PID: 5235 Comm: syz-executor178 Not tainted 6.11.0-rc5-syzkaller-00742-gfbdaffe41adc #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n unix_stream_read_actor+0xa6/0xb0 net/unix/af_unix.c:2959\n unix_stream_recv_urg+0x1df/0x320 net/unix/af_unix.c:2640\n unix_stream_read_generic+0x2456/0x2520 net/unix/af_unix.c:2778\n unix_stream_recvmsg+0x22b/0x2c0 net/unix/af_unix.c:2996\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x22f/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2816\n ___sys_recvmsg net/socket.c:2858 [inline]\n __sys_recvmsg+0x2f0/0x3e0 net/socket.c:2888\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f5360d6b4e9\nCode: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff29b3a458 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 00007fff29b3a638 RCX: 00007f5360d6b4e9\nRDX: 0000000000002001 RSI: 0000000020000640 RDI: 0000000000000003\nRBP: 00007f5360dde610 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007fff29b3a628 R14: 0000000000000001 R15: 0000000000000001\n </TASK>\n\nAllocated by task 5235:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:312 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:338\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3988 [inline]\n slab_alloc_node mm/slub.c:4037 [inline]\n kmem_cache_alloc_node_noprof+0x16b/0x320 mm/slub.c:4080\n __alloc_skb+0x1c3/0x440 net/core/skbuff.c:667\n alloc_skb include/linux/skbuff.h:1320 [inline]\n alloc_skb_with_frags+0xc3/0x770 net/core/skbuff.c:6528\n sock_alloc_send_pskb+0x91a/0xa60 net/core/sock.c:2815\n sock_alloc_send_skb include/net/sock.h:1778 [inline]\n queue_oob+0x108/0x680 net/unix/af_unix.c:2198\n unix_stream_sendmsg+0xd24/0xf80 net/unix/af_unix.c:2351\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 5235:\n kasan_save_stack mm/kasan/common.c:47\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47711", url: "https://www.suse.com/security/cve/CVE-2024-47711", }, { category: "external", summary: "SUSE Bug 1232054 for CVE-2024-47711", url: "https://bugzilla.suse.com/1232054", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47711", }, { cve: "CVE-2024-47712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47712", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param\n\nIn the `wilc_parse_join_bss_param` function, the TSF field of the `ies`\nstructure is accessed after the RCU read-side critical section is\nunlocked. According to RCU usage rules, this is illegal. Reusing this\npointer can lead to unpredictable behavior, including accessing memory\nthat has been updated or causing use-after-free issues.\n\nThis possible bug was identified using a static analysis tool developed\nby myself, specifically designed to detect RCU-related issues.\n\nTo address this, the TSF value is now stored in a local variable\n`ies_tsf` before the RCU lock is released. The `param->tsf_lo` field is\nthen assigned using this local variable, ensuring that the TSF value is\nsafely accessed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47712", url: "https://www.suse.com/security/cve/CVE-2024-47712", }, { category: "external", summary: "SUSE Bug 1232017 for CVE-2024-47712", url: "https://bugzilla.suse.com/1232017", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47712", }, { cve: "CVE-2024-47713", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47713", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()\n\nSince '__dev_queue_xmit()' should be called with interrupts enabled,\nthe following backtrace:\n\nieee80211_do_stop()\n ...\n spin_lock_irqsave(&local->queue_stop_reason_lock, flags)\n ...\n ieee80211_free_txskb()\n ieee80211_report_used_skb()\n ieee80211_report_ack_skb()\n cfg80211_mgmt_tx_status_ext()\n nl80211_frame_tx_status()\n genlmsg_multicast_netns()\n genlmsg_multicast_netns_filtered()\n nlmsg_multicast_filtered()\n\t netlink_broadcast_filtered()\n\t do_one_broadcast()\n\t netlink_broadcast_deliver()\n\t __netlink_sendskb()\n\t netlink_deliver_tap()\n\t __netlink_deliver_tap_skb()\n\t dev_queue_xmit()\n\t __dev_queue_xmit() ; with IRQS disabled\n ...\n spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags)\n\nissues the warning (as reported by syzbot reproducer):\n\nWARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120\n\nFix this by implementing a two-phase skb reclamation in\n'ieee80211_do_stop()', where actual work is performed\noutside of a section with interrupts disabled.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47713", url: "https://www.suse.com/security/cve/CVE-2024-47713", }, { category: "external", summary: "SUSE Bug 1232016 for CVE-2024-47713", url: "https://bugzilla.suse.com/1232016", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47713", }, { cve: "CVE-2024-47714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47714", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: use hweight16 to get correct tx antenna\n\nThe chainmask is u16 so using hweight8 cannot get correct tx_ant.\nWithout this patch, the tx_ant of band 2 would be -1 and lead to the\nfollowing issue:\nBUG: KASAN: stack-out-of-bounds in mt7996_mcu_add_sta+0x12e0/0x16e0 [mt7996e]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47714", url: "https://www.suse.com/security/cve/CVE-2024-47714", }, { category: "external", summary: "SUSE Bug 1232018 for CVE-2024-47714", url: "https://bugzilla.suse.com/1232018", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-47714", }, { cve: "CVE-2024-47715", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47715", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7915: fix oops on non-dbdc mt7986\n\nmt7915_band_config() sets band_idx = 1 on the main phy for mt7986\nwith MT7975_ONE_ADIE or MT7976_ONE_ADIE.\n\nCommit 0335c034e726 (\"wifi: mt76: fix race condition related to\nchecking tx queue fill status\") introduced a dereference of the\nphys array indirectly indexed by band_idx via wcid->phy_idx in\nmt76_wcid_cleanup(). This caused the following Oops on affected\nmt7986 devices:\n\n Unable to handle kernel read from unreadable memory at virtual address 0000000000000024\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005\n CM = 0, WnR = 0\n user pgtable: 4k pages, 39-bit VAs, pgdp=0000000042545000\n [0000000000000024] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] SMP\n Modules linked in: ... mt7915e mt76_connac_lib mt76 mac80211 cfg80211 ...\n CPU: 2 PID: 1631 Comm: hostapd Not tainted 5.15.150 #0\n Hardware name: ZyXEL EX5700 (Telenor) (DT)\n pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mt76_wcid_cleanup+0x84/0x22c [mt76]\n lr : mt76_wcid_cleanup+0x64/0x22c [mt76]\n sp : ffffffc00a803700\n x29: ffffffc00a803700 x28: ffffff80008f7300 x27: ffffff80003f3c00\n x26: ffffff80000a7880 x25: ffffffc008c26e00 x24: 0000000000000001\n x23: ffffffc000a68114 x22: 0000000000000000 x21: ffffff8004172cc8\n x20: ffffffc00a803748 x19: ffffff8004152020 x18: 0000000000000000\n x17: 00000000000017c0 x16: ffffffc008ef5000 x15: 0000000000000be0\n x14: ffffff8004172e28 x13: ffffff8004172e28 x12: 0000000000000000\n x11: 0000000000000000 x10: ffffff8004172e30 x9 : ffffff8004172e28\n x8 : 0000000000000000 x7 : ffffff8004156020 x6 : 0000000000000000\n x5 : 0000000000000031 x4 : 0000000000000000 x3 : 0000000000000001\n x2 : 0000000000000000 x1 : ffffff80008f7300 x0 : 0000000000000024\n Call trace:\n mt76_wcid_cleanup+0x84/0x22c [mt76]\n __mt76_sta_remove+0x70/0xbc [mt76]\n mt76_sta_state+0x8c/0x1a4 [mt76]\n mt7915_eeprom_get_power_delta+0x11e4/0x23a0 [mt7915e]\n drv_sta_state+0x144/0x274 [mac80211]\n sta_info_move_state+0x1cc/0x2a4 [mac80211]\n sta_set_sinfo+0xaf8/0xc24 [mac80211]\n sta_info_destroy_addr_bss+0x4c/0x6c [mac80211]\n\n ieee80211_color_change_finish+0x1c08/0x1e70 [mac80211]\n cfg80211_check_station_change+0x1360/0x4710 [cfg80211]\n genl_family_rcv_msg_doit+0xb4/0x110\n genl_rcv_msg+0xd0/0x1bc\n netlink_rcv_skb+0x58/0x120\n genl_rcv+0x34/0x50\n netlink_unicast+0x1f0/0x2ec\n netlink_sendmsg+0x198/0x3d0\n ____sys_sendmsg+0x1b0/0x210\n ___sys_sendmsg+0x80/0xf0\n __sys_sendmsg+0x44/0xa0\n __arm64_sys_sendmsg+0x20/0x30\n invoke_syscall.constprop.0+0x4c/0xe0\n do_el0_svc+0x40/0xd0\n el0_svc+0x14/0x4c\n el0t_64_sync_handler+0x100/0x110\n el0t_64_sync+0x15c/0x160\n Code: d2800002 910092c0 52800023 f9800011 (885f7c01)\n ---[ end trace 7e42dd9a39ed2281 ]---\n\nFix by using mt76_dev_phy() which will map band_idx to the correct phy\nfor all hardware combinations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47715", url: "https://www.suse.com/security/cve/CVE-2024-47715", }, { category: "external", summary: "SUSE Bug 1231860 for CVE-2024-47715", url: "https://bugzilla.suse.com/1231860", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47715", }, { cve: "CVE-2024-47716", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47716", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros\n\nFloating point instructions in userspace can crash some arm kernels\nbuilt with clang/LLD 17.0.6:\n\n BUG: unsupported FP instruction in kernel mode\n FPEXC == 0xc0000780\n Internal error: Oops - undefined instruction: 0 [#1] ARM\n CPU: 0 PID: 196 Comm: vfp-reproducer Not tainted 6.10.0 #1\n Hardware name: BCM2835\n PC is at vfp_support_entry+0xc8/0x2cc\n LR is at do_undefinstr+0xa8/0x250\n pc : [<c0101d50>] lr : [<c010a80c>] psr: a0000013\n sp : dc8d1f68 ip : 60000013 fp : bedea19c\n r10: ec532b17 r9 : 00000010 r8 : 0044766c\n r7 : c0000780 r6 : ec532b17 r5 : c1c13800 r4 : dc8d1fb0\n r3 : c10072c4 r2 : c0101c88 r1 : ec532b17 r0 : 0044766c\n Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\n Control: 00c5387d Table: 0251c008 DAC: 00000051\n Register r0 information: non-paged memory\n Register r1 information: vmalloc memory\n Register r2 information: non-slab/vmalloc memory\n Register r3 information: non-slab/vmalloc memory\n Register r4 information: 2-page vmalloc region\n Register r5 information: slab kmalloc-cg-2k\n Register r6 information: vmalloc memory\n Register r7 information: non-slab/vmalloc memory\n Register r8 information: non-paged memory\n Register r9 information: zero-size pointer\n Register r10 information: vmalloc memory\n Register r11 information: non-paged memory\n Register r12 information: non-paged memory\n Process vfp-reproducer (pid: 196, stack limit = 0x61aaaf8b)\n Stack: (0xdc8d1f68 to 0xdc8d2000)\n 1f60: 0000081f b6f69300 0000000f c10073f4 c10072c4 dc8d1fb0\n 1f80: ec532b17 0c532b17 0044766c b6f9ccd8 00000000 c010a80c 00447670 60000010\n 1fa0: ffffffff c1c13800 00c5387d c0100f10 b6f68af8 00448fc0 00000000 bedea188\n 1fc0: bedea314 00000001 00448ebc b6f9d000 00447608 b6f9ccd8 00000000 bedea19c\n 1fe0: bede9198 bedea188 b6e1061c 0044766c 60000010 ffffffff 00000000 00000000\n Call trace:\n [<c0101d50>] (vfp_support_entry) from [<c010a80c>] (do_undefinstr+0xa8/0x250)\n [<c010a80c>] (do_undefinstr) from [<c0100f10>] (__und_usr+0x70/0x80)\n Exception stack(0xdc8d1fb0 to 0xdc8d1ff8)\n 1fa0: b6f68af8 00448fc0 00000000 bedea188\n 1fc0: bedea314 00000001 00448ebc b6f9d000 00447608 b6f9ccd8 00000000 bedea19c\n 1fe0: bede9198 bedea188 b6e1061c 0044766c 60000010 ffffffff\n Code: 0a000061 e3877202 e594003c e3a09010 (eef16a10)\n ---[ end trace 0000000000000000 ]---\n Kernel panic - not syncing: Fatal exception in interrupt\n ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---\n\nThis is a minimal userspace reproducer on a Raspberry Pi Zero W:\n\n #include <stdio.h>\n #include <math.h>\n\n int main(void)\n {\n double v = 1.0;\n printf(\"%fn\", NAN + *(volatile double *)&v);\n return 0;\n }\n\nAnother way to consistently trigger the oops is:\n\n calvin@raspberry-pi-zero-w ~$ python -c \"import json\"\n\nThe bug reproduces only when the kernel is built with DYNAMIC_DEBUG=n,\nbecause the pr_debug() calls act as barriers even when not activated.\n\nThis is the output from the same kernel source built with the same\ncompiler and DYNAMIC_DEBUG=y, where the userspace reproducer works as\nexpected:\n\n VFP: bounce: trigger ec532b17 fpexc c0000780\n VFP: emulate: INST=0xee377b06 SCR=0x00000000\n VFP: bounce: trigger eef1fa10 fpexc c0000780\n VFP: emulate: INST=0xeeb40b40 SCR=0x00000000\n VFP: raising exceptions 30000000\n\n calvin@raspberry-pi-zero-w ~$ ./vfp-reproducer\n nan\n\nCrudely grepping for vmsr/vmrs instructions in the otherwise nearly\nidential text for vfp_support_entry() makes the problem obvious:\n\n vmlinux.llvm.good [0xc0101cb8] <+48>: vmrs r7, fpexc\n vmlinux.llvm.good [0xc0101cd8] <+80>: vmsr fpexc, r0\n vmlinux.llvm.good [0xc0101d20\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47716", url: "https://www.suse.com/security/cve/CVE-2024-47716", }, { category: "external", summary: "SUSE Bug 1232053 for CVE-2024-47716", url: "https://bugzilla.suse.com/1232053", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47716", }, { cve: "CVE-2024-47717", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47717", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRISC-V: KVM: Don't zero-out PMU snapshot area before freeing data\n\nWith the latest Linux-6.11-rc3, the below NULL pointer crash is observed\nwhen SBI PMU snapshot is enabled for the guest and the guest is forcefully\npowered-off.\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000508\n Oops [#1]\n Modules linked in: kvm\n CPU: 0 UID: 0 PID: 61 Comm: term-poll Not tainted 6.11.0-rc3-00018-g44d7178dd77a #3\n Hardware name: riscv-virtio,qemu (DT)\n epc : __kvm_write_guest_page+0x94/0xa6 [kvm]\n ra : __kvm_write_guest_page+0x54/0xa6 [kvm]\n epc : ffffffff01590e98 ra : ffffffff01590e58 sp : ffff8f80001f39b0\n gp : ffffffff81512a60 tp : ffffaf80024872c0 t0 : ffffaf800247e000\n t1 : 00000000000007e0 t2 : 0000000000000000 s0 : ffff8f80001f39f0\n s1 : 00007fff89ac4000 a0 : ffffffff015dd7e8 a1 : 0000000000000086\n a2 : 0000000000000000 a3 : ffffaf8000000000 a4 : ffffaf80024882c0\n a5 : 0000000000000000 a6 : ffffaf800328d780 a7 : 00000000000001cc\n s2 : ffffaf800197bd00 s3 : 00000000000828c4 s4 : ffffaf800248c000\n s5 : ffffaf800247d000 s6 : 0000000000001000 s7 : 0000000000001000\n s8 : 0000000000000000 s9 : 00007fff861fd500 s10: 0000000000000001\n s11: 0000000000800000 t3 : 00000000000004d3 t4 : 00000000000004d3\n t5 : ffffffff814126e0 t6 : ffffffff81412700\n status: 0000000200000120 badaddr: 0000000000000508 cause: 000000000000000d\n [<ffffffff01590e98>] __kvm_write_guest_page+0x94/0xa6 [kvm]\n [<ffffffff015943a6>] kvm_vcpu_write_guest+0x56/0x90 [kvm]\n [<ffffffff015a175c>] kvm_pmu_clear_snapshot_area+0x42/0x7e [kvm]\n [<ffffffff015a1972>] kvm_riscv_vcpu_pmu_deinit.part.0+0xe0/0x14e [kvm]\n [<ffffffff015a2ad0>] kvm_riscv_vcpu_pmu_deinit+0x1a/0x24 [kvm]\n [<ffffffff0159b344>] kvm_arch_vcpu_destroy+0x28/0x4c [kvm]\n [<ffffffff0158e420>] kvm_destroy_vcpus+0x5a/0xda [kvm]\n [<ffffffff0159930c>] kvm_arch_destroy_vm+0x14/0x28 [kvm]\n [<ffffffff01593260>] kvm_destroy_vm+0x168/0x2a0 [kvm]\n [<ffffffff015933d4>] kvm_put_kvm+0x3c/0x58 [kvm]\n [<ffffffff01593412>] kvm_vm_release+0x22/0x2e [kvm]\n\nClearly, the kvm_vcpu_write_guest() function is crashing because it is\nbeing called from kvm_pmu_clear_snapshot_area() upon guest tear down.\n\nTo address the above issue, simplify the kvm_pmu_clear_snapshot_area() to\nnot zero-out PMU snapshot area from kvm_pmu_clear_snapshot_area() because\nthe guest is anyway being tore down.\n\nThe kvm_pmu_clear_snapshot_area() is also called when guest changes\nPMU snapshot area of a VCPU but even in this case the previous PMU\nsnaphsot area must not be zeroed-out because the guest might have\nreclaimed the pervious PMU snapshot area for some other purpose.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47717", url: "https://www.suse.com/security/cve/CVE-2024-47717", }, { category: "external", summary: "SUSE Bug 1232041 for CVE-2024-47717", url: "https://bugzilla.suse.com/1232041", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47717", }, { cve: "CVE-2024-47718", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47718", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: always wait for both firmware loading attempts\n\nIn 'rtw_wait_firmware_completion()', always wait for both (regular and\nwowlan) firmware loading attempts. Otherwise if 'rtw_usb_intf_init()'\nhas failed in 'rtw_usb_probe()', 'rtw_usb_disconnect()' may issue\n'ieee80211_free_hw()' when one of 'rtw_load_firmware_cb()' (usually\nthe wowlan one) is still in progress, causing UAF detected by KASAN.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47718", url: "https://www.suse.com/security/cve/CVE-2024-47718", }, { category: "external", summary: "SUSE Bug 1232015 for CVE-2024-47718", url: "https://bugzilla.suse.com/1232015", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47718", }, { cve: "CVE-2024-47719", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47719", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Protect against overflow of ALIGN() during iova allocation\n\nUserspace can supply an iova and uptr such that the target iova alignment\nbecomes really big and ALIGN() overflows which corrupts the selected area\nrange during allocation. CONFIG_IOMMUFD_TEST can detect this:\n\n WARNING: CPU: 1 PID: 5092 at drivers/iommu/iommufd/io_pagetable.c:268 iopt_alloc_area_pages drivers/iommu/iommufd/io_pagetable.c:268 [inline]\n WARNING: CPU: 1 PID: 5092 at drivers/iommu/iommufd/io_pagetable.c:268 iopt_map_pages+0xf95/0x1050 drivers/iommu/iommufd/io_pagetable.c:352\n Modules linked in:\n CPU: 1 PID: 5092 Comm: syz-executor294 Not tainted 6.10.0-rc5-syzkaller-00294-g3ffea9a7a6f7 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024\n RIP: 0010:iopt_alloc_area_pages drivers/iommu/iommufd/io_pagetable.c:268 [inline]\n RIP: 0010:iopt_map_pages+0xf95/0x1050 drivers/iommu/iommufd/io_pagetable.c:352\n Code: fc e9 a4 f3 ff ff e8 1a 8b 4c fc 41 be e4 ff ff ff e9 8a f3 ff ff e8 0a 8b 4c fc 90 0f 0b 90 e9 37 f5 ff ff e8 fc 8a 4c fc 90 <0f> 0b 90 e9 68 f3 ff ff 48 c7 c1 ec 82 ad 8f 80 e1 07 80 c1 03 38\n RSP: 0018:ffffc90003ebf9e0 EFLAGS: 00010293\n RAX: ffffffff85499fa4 RBX: 00000000ffffffef RCX: ffff888079b49e00\n RDX: 0000000000000000 RSI: 00000000ffffffef RDI: 0000000000000000\n RBP: ffffc90003ebfc50 R08: ffffffff85499b30 R09: ffffffff85499942\n R10: 0000000000000002 R11: ffff888079b49e00 R12: ffff8880228e0010\n R13: 0000000000000000 R14: 1ffff920007d7f68 R15: ffffc90003ebfd00\n FS: 000055557d760380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00000000005fdeb8 CR3: 000000007404a000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n iommufd_ioas_copy+0x610/0x7b0 drivers/iommu/iommufd/ioas.c:274\n iommufd_fops_ioctl+0x4d9/0x5a0 drivers/iommu/iommufd/main.c:421\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCap the automatic alignment to the huge page size, which is probably a\nbetter idea overall. Huge automatic alignments can fragment and chew up\nthe available IOVA space without any reason.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47719", url: "https://www.suse.com/security/cve/CVE-2024-47719", }, { category: "external", summary: "SUSE Bug 1231865 for CVE-2024-47719", url: "https://bugzilla.suse.com/1231865", }, { category: "external", summary: "SUSE Bug 1231866 for CVE-2024-47719", url: "https://bugzilla.suse.com/1231866", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47719", }, { cve: "CVE-2024-47720", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47720", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn30_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for nullity at line 386, but then it\nwas being dereferenced without any nullity check at line 401. This\ncould potentially lead to a null pointer dereference error if\nset_output_gamma is indeed null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a nullity check for\nset_output_gamma before the call to set_output_gamma at line 401. If\nset_output_gamma is null, we log an error message and do not call the\nfunction.\n\nThis fix prevents a potential null pointer dereference error.\n\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:401 dcn30_set_output_transfer_func()\nerror: we previously assumed 'mpc->funcs->set_output_gamma' could be null (see line 386)\n\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c\n 373 bool dcn30_set_output_transfer_func(struct dc *dc,\n 374 struct pipe_ctx *pipe_ctx,\n 375 const struct dc_stream_state *stream)\n 376 {\n 377 int mpcc_id = pipe_ctx->plane_res.hubp->inst;\n 378 struct mpc *mpc = pipe_ctx->stream_res.opp->ctx->dc->res_pool->mpc;\n 379 const struct pwl_params *params = NULL;\n 380 bool ret = false;\n 381\n 382 /* program OGAM or 3DLUT only for the top pipe*/\n 383 if (pipe_ctx->top_pipe == NULL) {\n 384 /*program rmu shaper and 3dlut in MPC*/\n 385 ret = dcn30_set_mpc_shaper_3dlut(pipe_ctx, stream);\n 386 if (ret == false && mpc->funcs->set_output_gamma) {\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If this is NULL\n\n 387 if (stream->out_transfer_func.type == TF_TYPE_HWPWL)\n 388 params = &stream->out_transfer_func.pwl;\n 389 else if (pipe_ctx->stream->out_transfer_func.type ==\n 390 TF_TYPE_DISTRIBUTED_POINTS &&\n 391 cm3_helper_translate_curve_to_hw_format(\n 392 &stream->out_transfer_func,\n 393 &mpc->blender_params, false))\n 394 params = &mpc->blender_params;\n 395 /* there are no ROM LUTs in OUTGAM */\n 396 if (stream->out_transfer_func.type == TF_TYPE_PREDEFINED)\n 397 BREAK_TO_DEBUGGER();\n 398 }\n 399 }\n 400\n--> 401 mpc->funcs->set_output_gamma(mpc, mpcc_id, params);\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then it will crash\n\n 402 return ret;\n 403 }", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47720", url: "https://www.suse.com/security/cve/CVE-2024-47720", }, { category: "external", summary: "SUSE Bug 1232043 for CVE-2024-47720", url: "https://bugzilla.suse.com/1232043", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47720", }, { cve: "CVE-2024-47721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47721", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading\n\nThe handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM isn't\nimplemented, but driver expects number of handlers is\nNUM_OF_RTW89_MAC_C2H_FUNC_WOW causing out-of-bounds access. Fix it by\nremoving ID.\n\nAddresses-Coverity-ID: 1598775 (\"Out-of-bounds read\")", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47721", url: "https://www.suse.com/security/cve/CVE-2024-47721", }, { category: "external", summary: "SUSE Bug 1232052 for CVE-2024-47721", url: "https://bugzilla.suse.com/1232052", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47721", }, { cve: "CVE-2024-47723", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47723", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix out-of-bounds in dbNextAG() and diAlloc()\n\nIn dbNextAG() , there is no check for the case where bmp->db_numag is\ngreater or same than MAXAG due to a polluted image, which causes an\nout-of-bounds. Therefore, a bounds check should be added in dbMount().\n\nAnd in dbNextAG(), a check for the case where agpref is greater than\nbmp->db_numag should be added, so an out-of-bounds exception should be\nprevented.\n\nAdditionally, a check for the case where agno is greater or same than\nMAXAG should be added in diAlloc() to prevent out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47723", url: "https://www.suse.com/security/cve/CVE-2024-47723", }, { category: "external", summary: "SUSE Bug 1232050 for CVE-2024-47723", url: "https://bugzilla.suse.com/1232050", }, { category: "external", summary: "SUSE Bug 1232051 for CVE-2024-47723", url: "https://bugzilla.suse.com/1232051", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47723", }, { cve: "CVE-2024-47724", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47724", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: use work queue to process beacon tx event\n\nCommit 3a415daa3e8b (\"wifi: ath11k: add P2P IE in beacon template\")\nfrom Feb 28, 2024 (linux-next), leads to the following Smatch static\nchecker warning:\n\ndrivers/net/wireless/ath/ath11k/wmi.c:1742 ath11k_wmi_p2p_go_bcn_ie()\nwarn: sleeping in atomic context\n\nThe reason is that ath11k_bcn_tx_status_event() will directly call might\nsleep function ath11k_wmi_cmd_send() during RCU read-side critical\nsections. The call trace is like:\n\nath11k_bcn_tx_status_event()\n-> rcu_read_lock()\n-> ath11k_mac_bcn_tx_event()\n\t-> ath11k_mac_setup_bcn_tmpl()\n\t……\n\t\t-> ath11k_wmi_bcn_tmpl()\n\t\t\t-> ath11k_wmi_cmd_send()\n-> rcu_read_unlock()\n\nCommit 886433a98425 (\"ath11k: add support for BSS color change\") added the\nath11k_mac_bcn_tx_event(), commit 01e782c89108 (\"ath11k: fix warning\nof RCU usage for ath11k_mac_get_arvif_by_vdev_id()\") added the RCU lock\nto avoid warning but also introduced this BUG.\n\nUse work queue to avoid directly calling ath11k_mac_bcn_tx_event()\nduring RCU critical sections. No need to worry about the deletion of vif\nbecause cancel_work_sync() will drop the work if it doesn't start or\nblock vif deletion until the running work is done.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47724", url: "https://www.suse.com/security/cve/CVE-2024-47724", }, { category: "external", summary: "SUSE Bug 1232073 for CVE-2024-47724", url: "https://bugzilla.suse.com/1232073", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47724", }, { cve: "CVE-2024-47726", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47726", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to wait dio completion\n\nIt should wait all existing dio write IOs before block removal,\notherwise, previous direct write IO may overwrite data in the\nblock which may be reused by other inode.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47726", url: "https://www.suse.com/security/cve/CVE-2024-47726", }, { category: "external", summary: "SUSE Bug 1232113 for CVE-2024-47726", url: "https://bugzilla.suse.com/1232113", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47726", }, { cve: "CVE-2024-47727", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47727", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Fix \"in-kernel MMIO\" check\n\nTDX only supports kernel-initiated MMIO operations. The handle_mmio()\nfunction checks if the #VE exception occurred in the kernel and rejects\nthe operation if it did not.\n\nHowever, userspace can deceive the kernel into performing MMIO on its\nbehalf. For example, if userspace can point a syscall to an MMIO address,\nsyscall does get_user() or put_user() on it, triggering MMIO #VE. The\nkernel will treat the #VE as in-kernel MMIO.\n\nEnsure that the target MMIO address is within the kernel before decoding\ninstruction.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47727", url: "https://www.suse.com/security/cve/CVE-2024-47727", }, { category: "external", summary: "SUSE Bug 1232116 for CVE-2024-47727", url: "https://bugzilla.suse.com/1232116", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47727", }, { cve: "CVE-2024-47728", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47728", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error\n\nFor all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input\narguments, zero the value for the case of an error as otherwise it could leak\nmemory. For tracing, it is not needed given CAP_PERFMON can already read all\nkernel memory anyway hence bpf_get_func_arg() and bpf_get_func_ret() is skipped\nin here.\n\nAlso, the MTU helpers mtu_len pointer value is being written but also read.\nTechnically, the MEM_UNINIT should not be there in order to always force init.\nRemoving MEM_UNINIT needs more verifier rework though: MEM_UNINIT right now\nimplies two things actually: i) write into memory, ii) memory does not have\nto be initialized. If we lift MEM_UNINIT, it then becomes: i) read into memory,\nii) memory must be initialized. This means that for bpf_*_check_mtu() we're\nreadding the issue we're trying to fix, that is, it would then be able to\nwrite back into things like .rodata BPF maps. Follow-up work will rework the\nMEM_UNINIT semantics such that the intent can be better expressed. For now\njust clear the *mtu_len on error path which can be lifted later again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47728", url: "https://www.suse.com/security/cve/CVE-2024-47728", }, { category: "external", summary: "SUSE Bug 1232076 for CVE-2024-47728", url: "https://bugzilla.suse.com/1232076", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47728", }, { cve: "CVE-2024-47729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47729", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Use reserved copy engine for user binds on faulting devices\n\nUser binds map to engines with can fault, faults depend on user binds\ncompletion, thus we can deadlock. Avoid this by using reserved copy\nengine for user binds on faulting devices.\n\nWhile we are here, normalize bind queue creation with a helper.\n\nv2:\n - Pass in extensions to bind queue creation (CI)\nv3:\n - s/resevered/reserved (Lucas)\n - Fix NULL hwe check (Jonathan)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47729", url: "https://www.suse.com/security/cve/CVE-2024-47729", }, { category: "external", summary: "SUSE Bug 1232077 for CVE-2024-47729", url: "https://bugzilla.suse.com/1232077", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47729", }, { cve: "CVE-2024-47730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47730", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - inject error before stopping queue\n\nThe master ooo cannot be completely closed when the\naccelerator core reports memory error. Therefore, the driver\nneeds to inject the qm error to close the master ooo. Currently,\nthe qm error is injected after stopping queue, memory may be\nreleased immediately after stopping queue, causing the device to\naccess the released memory. Therefore, error is injected to close master\nooo before stopping queue to ensure that the device does not access\nthe released memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47730", url: "https://www.suse.com/security/cve/CVE-2024-47730", }, { category: "external", summary: "SUSE Bug 1232075 for CVE-2024-47730", url: "https://bugzilla.suse.com/1232075", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47730", }, { cve: "CVE-2024-47731", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47731", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: Fix ali_drw_pmu driver interrupt status clearing\n\nThe alibaba_uncore_pmu driver forgot to clear all interrupt status\nin the interrupt processing function. After the PMU counter overflow\ninterrupt occurred, an interrupt storm occurred, causing the system\nto hang.\n\nTherefore, clear the correct interrupt status in the interrupt handling\nfunction to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47731", url: "https://www.suse.com/security/cve/CVE-2024-47731", }, { category: "external", summary: "SUSE Bug 1232117 for CVE-2024-47731", url: "https://bugzilla.suse.com/1232117", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47731", }, { cve: "CVE-2024-47732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47732", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix potential use after free bug\n\nThe free_device_compression_mode(iaa_device, device_mode) function frees\n\"device_mode\" but it iss passed to iaa_compression_modes[i]->free() a few\nlines later resulting in a use after free.\n\nThe good news is that, so far as I can tell, nothing implements the\n->free() function and the use after free happens in dead code. But, with\nthis fix, when something does implement it, we'll be ready. :)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47732", url: "https://www.suse.com/security/cve/CVE-2024-47732", }, { category: "external", summary: "SUSE Bug 1232109 for CVE-2024-47732", url: "https://bugzilla.suse.com/1232109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47732", }, { cve: "CVE-2024-47733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47733", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfs: Delete subtree of 'fs/netfs' when netfs module exits\n\nIn netfs_init() or fscache_proc_init(), we create dentry under 'fs/netfs',\nbut in netfs_exit(), we only delete the proc entry of 'fs/netfs' without\ndeleting its subtree. This triggers the following WARNING:\n\n==================================================================\nremove_proc_entry: removing non-empty directory 'fs/netfs', leaking at least 'requests'\nWARNING: CPU: 4 PID: 566 at fs/proc/generic.c:717 remove_proc_entry+0x160/0x1c0\nModules linked in: netfs(-)\nCPU: 4 UID: 0 PID: 566 Comm: rmmod Not tainted 6.11.0-rc3 #860\nRIP: 0010:remove_proc_entry+0x160/0x1c0\nCall Trace:\n <TASK>\n netfs_exit+0x12/0x620 [netfs]\n __do_sys_delete_module.isra.0+0x14c/0x2e0\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n==================================================================\n\nTherefore use remove_proc_subtree() instead of remove_proc_entry() to\nfix the above problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47733", url: "https://www.suse.com/security/cve/CVE-2024-47733", }, { category: "external", summary: "SUSE Bug 1232110 for CVE-2024-47733", url: "https://bugzilla.suse.com/1232110", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47733", }, { cve: "CVE-2024-47734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47734", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()\n\nsyzbot reported a WARNING in bond_xdp_get_xmit_slave. To reproduce\nthis[1], one bond device (bond1) has xdpdrv, which increases\nbpf_master_redirect_enabled_key. Another bond device (bond0) which is\nunsupported by XDP but its slave (veth3) has xdpgeneric that returns\nXDP_TX. This triggers WARN_ON_ONCE() from the xdp_master_redirect().\nTo reduce unnecessary warnings and improve log management, we need to\ndelete the WARN_ON_ONCE() and add ratelimit to the netdev_err().\n\n[1] Steps to reproduce:\n # Needs tx_xdp with return XDP_TX;\n ip l add veth0 type veth peer veth1\n ip l add veth3 type veth peer veth4\n ip l add bond0 type bond mode 6 # BOND_MODE_ALB, unsupported by XDP\n ip l add bond1 type bond # BOND_MODE_ROUNDROBIN by default\n ip l set veth0 master bond1\n ip l set bond1 up\n # Increases bpf_master_redirect_enabled_key\n ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx\n ip l set veth3 master bond0\n ip l set bond0 up\n ip l set veth4 up\n # Triggers WARN_ON_ONCE() from the xdp_master_redirect()\n ip l set veth3 xdpgeneric object tx_xdp.o section xdp_tx", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47734", url: "https://www.suse.com/security/cve/CVE-2024-47734", }, { category: "external", summary: "SUSE Bug 1232055 for CVE-2024-47734", url: "https://bugzilla.suse.com/1232055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47734", }, { cve: "CVE-2024-47735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47735", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled\n\nFix missuse of spin_lock_irq()/spin_unlock_irq() when\nspin_lock_irqsave()/spin_lock_irqrestore() was hold.\n\nThis was discovered through the lock debugging, and the corresponding\nlog is as follows:\n\nraw_local_irq_restore() called with IRQs enabled\nWARNING: CPU: 96 PID: 2074 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40\n...\nCall trace:\n warn_bogus_irq_restore+0x30/0x40\n _raw_spin_unlock_irqrestore+0x84/0xc8\n add_qp_to_list+0x11c/0x148 [hns_roce_hw_v2]\n hns_roce_create_qp_common.constprop.0+0x240/0x780 [hns_roce_hw_v2]\n hns_roce_create_qp+0x98/0x160 [hns_roce_hw_v2]\n create_qp+0x138/0x258\n ib_create_qp_kernel+0x50/0xe8\n create_mad_qp+0xa8/0x128\n ib_mad_port_open+0x218/0x448\n ib_mad_init_device+0x70/0x1f8\n add_client_context+0xfc/0x220\n enable_device_and_get+0xd0/0x140\n ib_register_device.part.0+0xf4/0x1c8\n ib_register_device+0x34/0x50\n hns_roce_register_device+0x174/0x3d0 [hns_roce_hw_v2]\n hns_roce_init+0xfc/0x2c0 [hns_roce_hw_v2]\n __hns_roce_hw_v2_init_instance+0x7c/0x1d0 [hns_roce_hw_v2]\n hns_roce_hw_v2_init_instance+0x9c/0x180 [hns_roce_hw_v2]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47735", url: "https://www.suse.com/security/cve/CVE-2024-47735", }, { category: "external", summary: "SUSE Bug 1232111 for CVE-2024-47735", url: "https://bugzilla.suse.com/1232111", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47735", }, { cve: "CVE-2024-47736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47736", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: handle overlapped pclusters out of crafted images properly\n\nsyzbot reported a task hang issue due to a deadlock case where it is\nwaiting for the folio lock of a cached folio that will be used for\ncache I/Os.\n\nAfter looking into the crafted fuzzed image, I found it's formed with\nseveral overlapped big pclusters as below:\n\n Ext: logical offset | length : physical offset | length\n 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384\n 1: 16384.. 32768 | 16384 : 155648.. 172032 | 16384\n 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384\n...\n\nHere, extent 0/1 are physically overlapped although it's entirely\n_impossible_ for normal filesystem images generated by mkfs.\n\nFirst, managed folios containing compressed data will be marked as\nup-to-date and then unlocked immediately (unlike in-place folios) when\ncompressed I/Os are complete. If physical blocks are not submitted in\nthe incremental order, there should be separate BIOs to avoid dependency\nissues. However, the current code mis-arranges z_erofs_fill_bio_vec()\nand BIO submission which causes unexpected BIO waits.\n\nSecond, managed folios will be connected to their own pclusters for\nefficient inter-queries. However, this is somewhat hard to implement\neasily if overlapped big pclusters exist. Again, these only appear in\nfuzzed images so let's simply fall back to temporary short-lived pages\nfor correctness.\n\nAdditionally, it justifies that referenced managed folios cannot be\ntruncated for now and reverts part of commit 2080ca1ed3e4 (\"erofs: tidy\nup `struct z_erofs_bvec`\") for simplicity although it shouldn't be any\ndifference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47736", url: "https://www.suse.com/security/cve/CVE-2024-47736", }, { category: "external", summary: "SUSE Bug 1232112 for CVE-2024-47736", url: "https://bugzilla.suse.com/1232112", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47736", }, { cve: "CVE-2024-47737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47737", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: call cache_put if xdr_reserve_space returns NULL\n\nIf not enough buffer space available, but idmap_lookup has triggered\nlookup_fn which calls cache_get and returns successfully. Then we\nmissed to call cache_put here which pairs with cache_get.\n\nReviwed-by: Jeff Layton <jlayton@kernel.org>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47737", url: "https://www.suse.com/security/cve/CVE-2024-47737", }, { category: "external", summary: "SUSE Bug 1232056 for CVE-2024-47737", url: "https://bugzilla.suse.com/1232056", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47737", }, { cve: "CVE-2024-47738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47738", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don't use rate mask for offchannel TX either\n\nLike the commit ab9177d83c04 (\"wifi: mac80211: don't use rate mask for\nscanning\"), ignore incorrect settings to avoid no supported rate warning\nreported by syzbot.\n\nThe syzbot did bisect and found cause is commit 9df66d5b9f45 (\"cfg80211:\nfix default HE tx bitrate mask in 2G band\"), which however corrects\nbitmask of HE MCS and recognizes correctly settings of empty legacy rate\nplus HE MCS rate instead of returning -EINVAL.\n\nAs suggestions [1], follow the change of SCAN TX to consider this case of\noffchannel TX as well.\n\n[1] https://lore.kernel.org/linux-wireless/6ab2dc9c3afe753ca6fdcdd1421e7a1f47e87b84.camel@sipsolutions.net/T/#m2ac2a6d2be06a37c9c47a3d8a44b4f647ed4f024", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47738", url: "https://www.suse.com/security/cve/CVE-2024-47738", }, { category: "external", summary: "SUSE Bug 1232114 for CVE-2024-47738", url: "https://bugzilla.suse.com/1232114", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47738", }, { cve: "CVE-2024-47739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47739", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: use integer wrap around to prevent deadlock on seq_nr overflow\n\nWhen submitting more than 2^32 padata objects to padata_do_serial, the\ncurrent sorting implementation incorrectly sorts padata objects with\noverflowed seq_nr, causing them to be placed before existing objects in\nthe reorder list. This leads to a deadlock in the serialization process\nas padata_find_next cannot match padata->seq_nr and pd->processed\nbecause the padata instance with overflowed seq_nr will be selected\nnext.\n\nTo fix this, we use an unsigned integer wrap around to correctly sort\npadata objects in scenarios with integer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47739", url: "https://www.suse.com/security/cve/CVE-2024-47739", }, { category: "external", summary: "SUSE Bug 1232124 for CVE-2024-47739", url: "https://bugzilla.suse.com/1232124", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47739", }, { cve: "CVE-2024-47740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47740", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: Require FMODE_WRITE for atomic write ioctls\n\nThe F2FS ioctls for starting and committing atomic writes check for\ninode_owner_or_capable(), but this does not give LSMs like SELinux or\nLandlock an opportunity to deny the write access - if the caller's FSUID\nmatches the inode's UID, inode_owner_or_capable() immediately returns true.\n\nThere are scenarios where LSMs want to deny a process the ability to write\nparticular files, even files that the FSUID of the process owns; but this\ncan currently partially be bypassed using atomic write ioctls in two ways:\n\n - F2FS_IOC_START_ATOMIC_REPLACE + F2FS_IOC_COMMIT_ATOMIC_WRITE can\n truncate an inode to size 0\n - F2FS_IOC_START_ATOMIC_WRITE + F2FS_IOC_ABORT_ATOMIC_WRITE can revert\n changes another process concurrently made to a file\n\nFix it by requiring FMODE_WRITE for these operations, just like for\nF2FS_IOC_MOVE_RANGE. Since any legitimate caller should only be using these\nioctls when intending to write into the file, that seems unlikely to break\nanything.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47740", url: "https://www.suse.com/security/cve/CVE-2024-47740", }, { category: "external", summary: "SUSE Bug 1231867 for CVE-2024-47740", url: "https://bugzilla.suse.com/1231867", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47740", }, { cve: "CVE-2024-47741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47741", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race setting file private on concurrent lseek using same fd\n\nWhen doing concurrent lseek(2) system calls against the same file\ndescriptor, using multiple threads belonging to the same process, we have\na short time window where a race happens and can result in a memory leak.\n\nThe race happens like this:\n\n1) A program opens a file descriptor for a file and then spawns two\n threads (with the pthreads library for example), lets call them\n task A and task B;\n\n2) Task A calls lseek with SEEK_DATA or SEEK_HOLE and ends up at\n file.c:find_desired_extent() while holding a read lock on the inode;\n\n3) At the start of find_desired_extent(), it extracts the file's\n private_data pointer into a local variable named 'private', which has\n a value of NULL;\n\n4) Task B also calls lseek with SEEK_DATA or SEEK_HOLE, locks the inode\n in shared mode and enters file.c:find_desired_extent(), where it also\n extracts file->private_data into its local variable 'private', which\n has a NULL value;\n\n5) Because it saw a NULL file private, task A allocates a private\n structure and assigns to the file structure;\n\n6) Task B also saw a NULL file private so it also allocates its own file\n private and then assigns it to the same file structure, since both\n tasks are using the same file descriptor.\n\n At this point we leak the private structure allocated by task A.\n\nBesides the memory leak, there's also the detail that both tasks end up\nusing the same cached state record in the private structure (struct\nbtrfs_file_private::llseek_cached_state), which can result in a\nuse-after-free problem since one task can free it while the other is\nstill using it (only one task took a reference count on it). Also, sharing\nthe cached state is not a good idea since it could result in incorrect\nresults in the future - right now it should not be a problem because it\nend ups being used only in extent-io-tree.c:count_range_bits() where we do\nrange validation before using the cached state.\n\nFix this by protecting the private assignment and check of a file while\nholding the inode's spinlock and keep track of the task that allocated\nthe private, so that it's used only by that task in order to prevent\nuser-after-free issues with the cached state record as well as potentially\nusing it incorrectly in the future.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47741", url: "https://www.suse.com/security/cve/CVE-2024-47741", }, { category: "external", summary: "SUSE Bug 1231869 for CVE-2024-47741", url: "https://bugzilla.suse.com/1231869", }, { category: "external", summary: "SUSE Bug 1231870 for CVE-2024-47741", url: "https://bugzilla.suse.com/1231870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47741", }, { cve: "CVE-2024-47742", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47742", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware_loader: Block path traversal\n\nMost firmware names are hardcoded strings, or are constructed from fairly\nconstrained format strings where the dynamic parts are just some hex\nnumbers or such.\n\nHowever, there are a couple codepaths in the kernel where firmware file\nnames contain string components that are passed through from a device or\nsemi-privileged userspace; the ones I could find (not counting interfaces\nthat require root privileges) are:\n\n - lpfc_sli4_request_firmware_update() seems to construct the firmware\n filename from \"ModelName\", a string that was previously parsed out of\n some descriptor (\"Vital Product Data\") in lpfc_fill_vpd()\n - nfp_net_fw_find() seems to construct a firmware filename from a model\n name coming from nfp_hwinfo_lookup(pf->hwinfo, \"nffw.partno\"), which I\n think parses some descriptor that was read from the device.\n (But this case likely isn't exploitable because the format string looks\n like \"netronome/nic_%s\", and there shouldn't be any *folders* starting\n with \"netronome/nic_\". The previous case was different because there,\n the \"%s\" is *at the start* of the format string.)\n - module_flash_fw_schedule() is reachable from the\n ETHTOOL_MSG_MODULE_FW_FLASH_ACT netlink command, which is marked as\n GENL_UNS_ADMIN_PERM (meaning CAP_NET_ADMIN inside a user namespace is\n enough to pass the privilege check), and takes a userspace-provided\n firmware name.\n (But I think to reach this case, you need to have CAP_NET_ADMIN over a\n network namespace that a special kind of ethernet device is mapped into,\n so I think this is not a viable attack path in practice.)\n\nFix it by rejecting any firmware names containing \"..\" path components.\n\nFor what it's worth, I went looking and haven't found any USB device\ndrivers that use the firmware loader dangerously.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47742", url: "https://www.suse.com/security/cve/CVE-2024-47742", }, { category: "external", summary: "SUSE Bug 1232126 for CVE-2024-47742", url: "https://bugzilla.suse.com/1232126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47742", }, { cve: "CVE-2024-47743", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47743", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: prevent NULL pointer dereference in find_asymmetric_key()\n\nIn find_asymmetric_key(), if all NULLs are passed in the id_{0,1,2}\narguments, the kernel will first emit WARN but then have an oops\nbecause id_2 gets dereferenced anyway.\n\nAdd the missing id_2 check and move WARN_ON() to the final else branch\nto avoid duplicate NULL checks.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace static\nanalysis tool.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47743", url: "https://www.suse.com/security/cve/CVE-2024-47743", }, { category: "external", summary: "SUSE Bug 1232129 for CVE-2024-47743", url: "https://bugzilla.suse.com/1232129", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47743", }, { cve: "CVE-2024-47744", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47744", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock\n\nUse a dedicated mutex to guard kvm_usage_count to fix a potential deadlock\non x86 due to a chain of locks and SRCU synchronizations. Translating the\nbelow lockdep splat, CPU1 #6 will wait on CPU0 #1, CPU0 #8 will wait on\nCPU2 #3, and CPU2 #7 will wait on CPU1 #4 (if there's a writer, due to the\nfairness of r/w semaphores).\n\n CPU0 CPU1 CPU2\n1 lock(&kvm->slots_lock);\n2 lock(&vcpu->mutex);\n3 lock(&kvm->srcu);\n4 lock(cpu_hotplug_lock);\n5 lock(kvm_lock);\n6 lock(&kvm->slots_lock);\n7 lock(cpu_hotplug_lock);\n8 sync(&kvm->srcu);\n\nNote, there are likely more potential deadlocks in KVM x86, e.g. the same\npattern of taking cpu_hotplug_lock outside of kvm_lock likely exists with\n__kvmclock_cpufreq_notifier():\n\n cpuhp_cpufreq_online()\n |\n -> cpufreq_online()\n |\n -> cpufreq_gov_performance_limits()\n |\n -> __cpufreq_driver_target()\n |\n -> __target_index()\n |\n -> cpufreq_freq_transition_begin()\n |\n -> cpufreq_notify_transition()\n |\n -> ... __kvmclock_cpufreq_notifier()\n\nBut, actually triggering such deadlocks is beyond rare due to the\ncombination of dependencies and timings involved. E.g. the cpufreq\nnotifier is only used on older CPUs without a constant TSC, mucking with\nthe NX hugepage mitigation while VMs are running is very uncommon, and\ndoing so while also onlining/offlining a CPU (necessary to generate\ncontention on cpu_hotplug_lock) would be even more unusual.\n\nThe most robust solution to the general cpu_hotplug_lock issue is likely\nto switch vm_list to be an RCU-protected list, e.g. so that x86's cpufreq\nnotifier doesn't to take kvm_lock. For now, settle for fixing the most\nblatant deadlock, as switching to an RCU-protected list is a much more\ninvolved change, but add a comment in locking.rst to call out that care\nneeds to be taken when walking holding kvm_lock and walking vm_list.\n\n ======================================================\n WARNING: possible circular locking dependency detected\n 6.10.0-smp--c257535a0c9d-pip #330 Tainted: G S O\n ------------------------------------------------------\n tee/35048 is trying to acquire lock:\n ff6a80eced71e0a8 (&kvm->slots_lock){+.+.}-{3:3}, at: set_nx_huge_pages+0x179/0x1e0 [kvm]\n\n but task is already holding lock:\n ffffffffc07abb08 (kvm_lock){+.+.}-{3:3}, at: set_nx_huge_pages+0x14a/0x1e0 [kvm]\n\n which lock already depends on the new lock.\n\n the existing dependency chain (in reverse order) is:\n\n -> #3 (kvm_lock){+.+.}-{3:3}:\n __mutex_lock+0x6a/0xb40\n mutex_lock_nested+0x1f/0x30\n kvm_dev_ioctl+0x4fb/0xe50 [kvm]\n __se_sys_ioctl+0x7b/0xd0\n __x64_sys_ioctl+0x21/0x30\n x64_sys_call+0x15d0/0x2e60\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n -> #2 (cpu_hotplug_lock){++++}-{0:0}:\n cpus_read_lock+0x2e/0xb0\n static_key_slow_inc+0x16/0x30\n kvm_lapic_set_base+0x6a/0x1c0 [kvm]\n kvm_set_apic_base+0x8f/0xe0 [kvm]\n kvm_set_msr_common+0x9ae/0xf80 [kvm]\n vmx_set_msr+0xa54/0xbe0 [kvm_intel]\n __kvm_set_msr+0xb6/0x1a0 [kvm]\n kvm_arch_vcpu_ioctl+0xeca/0x10c0 [kvm]\n kvm_vcpu_ioctl+0x485/0x5b0 [kvm]\n __se_sys_ioctl+0x7b/0xd0\n __x64_sys_ioctl+0x21/0x30\n x64_sys_call+0x15d0/0x2e60\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n -> #1 (&kvm->srcu){.+.+}-{0:0}:\n __synchronize_srcu+0x44/0x1a0\n \n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47744", url: "https://www.suse.com/security/cve/CVE-2024-47744", }, { category: "external", summary: "SUSE Bug 1232132 for CVE-2024-47744", url: "https://bugzilla.suse.com/1232132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47744", }, { cve: "CVE-2024-47745", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47745", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: call the security_mmap_file() LSM hook in remap_file_pages()\n\nThe remap_file_pages syscall handler calls do_mmap() directly, which\ndoesn't contain the LSM security check. And if the process has called\npersonality(READ_IMPLIES_EXEC) before and remap_file_pages() is called for\nRW pages, this will actually result in remapping the pages to RWX,\nbypassing a W^X policy enforced by SELinux.\n\nSo we should check prot by security_mmap_file LSM hook in the\nremap_file_pages syscall handler before do_mmap() is called. Otherwise, it\npotentially permits an attacker to bypass a W^X policy enforced by\nSELinux.\n\nThe bypass is similar to CVE-2016-10044, which bypass the same thing via\nAIO and can be found in [1].\n\nThe PoC:\n\n$ cat > test.c\n\nint main(void) {\n\tsize_t pagesz = sysconf(_SC_PAGE_SIZE);\n\tint mfd = syscall(SYS_memfd_create, \"test\", 0);\n\tconst char *buf = mmap(NULL, 4 * pagesz, PROT_READ | PROT_WRITE,\n\t\tMAP_SHARED, mfd, 0);\n\tunsigned int old = syscall(SYS_personality, 0xffffffff);\n\tsyscall(SYS_personality, READ_IMPLIES_EXEC | old);\n\tsyscall(SYS_remap_file_pages, buf, pagesz, 0, 2, 0);\n\tsyscall(SYS_personality, old);\n\t// show the RWX page exists even if W^X policy is enforced\n\tint fd = open(\"/proc/self/maps\", O_RDONLY);\n\tunsigned char buf2[1024];\n\twhile (1) {\n\t\tint ret = read(fd, buf2, 1024);\n\t\tif (ret <= 0) break;\n\t\twrite(1, buf2, ret);\n\t}\n\tclose(fd);\n}\n\n$ gcc test.c -o test\n$ ./test | grep rwx\n7f1836c34000-7f1836c35000 rwxs 00002000 00:01 2050 /memfd:test (deleted)\n\n[PM: subject line tweaks]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47745", url: "https://www.suse.com/security/cve/CVE-2024-47745", }, { category: "external", summary: "SUSE Bug 1232135 for CVE-2024-47745", url: "https://bugzilla.suse.com/1232135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47745", }, { cve: "CVE-2024-47746", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47746", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set\n\nThis may be a typo. The comment has said shared locks are\nnot allowed when this bit is set. If using shared lock, the\nwait in `fuse_file_cached_io_open` may be forever.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47746", url: "https://www.suse.com/security/cve/CVE-2024-47746", }, { category: "external", summary: "SUSE Bug 1232137 for CVE-2024-47746", url: "https://bugzilla.suse.com/1232137", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47746", }, { cve: "CVE-2024-47747", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47747", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition\n\nIn the ether3_probe function, a timer is initialized with a callback\nfunction ether3_ledoff, bound to &prev(dev)->timer. Once the timer is\nstarted, there is a risk of a race condition if the module or device\nis removed, triggering the ether3_remove function to perform cleanup.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | ether3_ledoff\nether3_remove |\n free_netdev(dev); |\n put_devic |\n kfree(dev); |\n | ether3_outw(priv(dev)->regs.config2 |= CFG2_CTRLO, REG_CONFIG2);\n | // use dev\n\nFix it by ensuring that the timer is canceled before proceeding with\nthe cleanup in ether3_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47747", url: "https://www.suse.com/security/cve/CVE-2024-47747", }, { category: "external", summary: "SUSE Bug 1232145 for CVE-2024-47747", url: "https://bugzilla.suse.com/1232145", }, { category: "external", summary: "SUSE Bug 1232146 for CVE-2024-47747", url: "https://bugzilla.suse.com/1232146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47747", }, { cve: "CVE-2024-47748", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47748", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost_vdpa: assign irq bypass producer token correctly\n\nWe used to call irq_bypass_unregister_producer() in\nvhost_vdpa_setup_vq_irq() which is problematic as we don't know if the\ntoken pointer is still valid or not.\n\nActually, we use the eventfd_ctx as the token so the life cycle of the\ntoken should be bound to the VHOST_SET_VRING_CALL instead of\nvhost_vdpa_setup_vq_irq() which could be called by set_status().\n\nFixing this by setting up irq bypass producer's token when handling\nVHOST_SET_VRING_CALL and un-registering the producer before calling\nvhost_vring_ioctl() to prevent a possible use after free as eventfd\ncould have been released in vhost_vring_ioctl(). And such registering\nand unregistering will only be done if DRIVER_OK is set.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47748", url: "https://www.suse.com/security/cve/CVE-2024-47748", }, { category: "external", summary: "SUSE Bug 1232174 for CVE-2024-47748", url: "https://bugzilla.suse.com/1232174", }, { category: "external", summary: "SUSE Bug 1232177 for CVE-2024-47748", url: "https://bugzilla.suse.com/1232177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47748", }, { cve: "CVE-2024-47749", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47749", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cxgb4: Added NULL check for lookup_atid\n\nThe lookup_atid() function can return NULL if the ATID is\ninvalid or does not exist in the identifier table, which\ncould lead to dereferencing a null pointer without a\ncheck in the `act_establish()` and `act_open_rpl()` functions.\nAdd a NULL check to prevent null pointer dereferencing.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47749", url: "https://www.suse.com/security/cve/CVE-2024-47749", }, { category: "external", summary: "SUSE Bug 1232180 for CVE-2024-47749", url: "https://bugzilla.suse.com/1232180", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47749", }, { cve: "CVE-2024-47750", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47750", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix Use-After-Free of rsv_qp on HIP08\n\nCurrently rsv_qp is freed before ib_unregister_device() is called\non HIP08. During the time interval, users can still dereg MR and\nrsv_qp will be used in this process, leading to a UAF. Move the\nrelease of rsv_qp after calling ib_unregister_device() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47750", url: "https://www.suse.com/security/cve/CVE-2024-47750", }, { category: "external", summary: "SUSE Bug 1232182 for CVE-2024-47750", url: "https://bugzilla.suse.com/1232182", }, { category: "external", summary: "SUSE Bug 1232829 for CVE-2024-47750", url: "https://bugzilla.suse.com/1232829", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47750", }, { cve: "CVE-2024-47751", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47751", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()\n\nWithin kirin_pcie_parse_port(), the pcie->num_slots is compared to\npcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead\nto an overflow.\n\nThus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move\npcie->num_slots increment below the if-statement to avoid out-of-bounds\narray access.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[kwilczynski: commit log]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47751", url: "https://www.suse.com/security/cve/CVE-2024-47751", }, { category: "external", summary: "SUSE Bug 1232127 for CVE-2024-47751", url: "https://bugzilla.suse.com/1232127", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47751", }, { cve: "CVE-2024-47752", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47752", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix H264 stateless decoder smatch warning\n\nFix a smatch static checker warning on vdec_h264_req_if.c.\nWhich leads to a kernel crash when fb is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47752", url: "https://www.suse.com/security/cve/CVE-2024-47752", }, { category: "external", summary: "SUSE Bug 1232130 for CVE-2024-47752", url: "https://bugzilla.suse.com/1232130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47752", }, { cve: "CVE-2024-47753", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47753", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix VP8 stateless decoder smatch warning\n\nFix a smatch static checker warning on vdec_vp8_req_if.c.\nWhich leads to a kernel crash when fb is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47753", url: "https://www.suse.com/security/cve/CVE-2024-47753", }, { category: "external", summary: "SUSE Bug 1231868 for CVE-2024-47753", url: "https://bugzilla.suse.com/1231868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47753", }, { cve: "CVE-2024-47754", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47754", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning\n\nFix a smatch static checker warning on vdec_h264_req_multi_if.c.\nWhich leads to a kernel crash when fb is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47754", url: "https://www.suse.com/security/cve/CVE-2024-47754", }, { category: "external", summary: "SUSE Bug 1232131 for CVE-2024-47754", url: "https://bugzilla.suse.com/1232131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47754", }, { cve: "CVE-2024-47756", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47756", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: keystone: Fix if-statement expression in ks_pcie_quirk()\n\nThis code accidentally uses && where || was intended. It potentially\nresults in a NULL dereference.\n\nThus, fix the if-statement expression to use the correct condition.\n\n[kwilczynski: commit log]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47756", url: "https://www.suse.com/security/cve/CVE-2024-47756", }, { category: "external", summary: "SUSE Bug 1232185 for CVE-2024-47756", url: "https://bugzilla.suse.com/1232185", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-47756", }, { cve: "CVE-2024-47757", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47757", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential oob read in nilfs_btree_check_delete()\n\nThe function nilfs_btree_check_delete(), which checks whether degeneration\nto direct mapping occurs before deleting a b-tree entry, causes memory\naccess outside the block buffer when retrieving the maximum key if the\nroot node has no entries.\n\nThis does not usually happen because b-tree mappings with 0 child nodes\nare never created by mkfs.nilfs2 or nilfs2 itself. However, it can happen\nif the b-tree root node read from a device is configured that way, so fix\nthis potential issue by adding a check for that case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47757", url: "https://www.suse.com/security/cve/CVE-2024-47757", }, { category: "external", summary: "SUSE Bug 1232187 for CVE-2024-47757", url: "https://bugzilla.suse.com/1232187", }, { category: "external", summary: "SUSE Bug 1232188 for CVE-2024-47757", url: "https://bugzilla.suse.com/1232188", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-47757", }, { cve: "CVE-2024-49850", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49850", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos\n\nIn case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCAL\nreferencing a non-existing BTF type, function bpf_core_calc_relo_insn\nwould cause a null pointer deference.\n\nFix this by adding a proper check upper in call stack, as malformed\nrelocation records could be passed from user space.\n\nSimplest reproducer is a program:\n\n r0 = 0\n exit\n\nWith a single relocation record:\n\n .insn_off = 0, /* patch first instruction */\n .type_id = 100500, /* this type id does not exist */\n .access_str_off = 6, /* offset of string \"0\" */\n .kind = BPF_CORE_TYPE_ID_LOCAL,\n\nSee the link for original reproducer or next commit for a test case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49850", url: "https://www.suse.com/security/cve/CVE-2024-49850", }, { category: "external", summary: "SUSE Bug 1232189 for CVE-2024-49850", url: "https://bugzilla.suse.com/1232189", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49850", }, { cve: "CVE-2024-49851", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49851", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Clean up TPM space after command failure\n\ntpm_dev_transmit prepares the TPM space before attempting command\ntransmission. However if the command fails no rollback of this\npreparation is done. This can result in transient handles being leaked\nif the device is subsequently closed with no further commands performed.\n\nFix this by flushing the space in the event of command transmission\nfailure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49851", url: "https://www.suse.com/security/cve/CVE-2024-49851", }, { category: "external", summary: "SUSE Bug 1232134 for CVE-2024-49851", url: "https://bugzilla.suse.com/1232134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49851", }, { cve: "CVE-2024-49852", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49852", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()\n\nThe kref_put() function will call nport->release if the refcount drops to\nzero. The nport->release release function is _efc_nport_free() which frees\n\"nport\". But then we dereference \"nport\" on the next line which is a use\nafter free. Re-order these lines to avoid the use after free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49852", url: "https://www.suse.com/security/cve/CVE-2024-49852", }, { category: "external", summary: "SUSE Bug 1232819 for CVE-2024-49852", url: "https://bugzilla.suse.com/1232819", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49852", }, { cve: "CVE-2024-49853", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49853", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix double free in OPTEE transport\n\nChannels can be shared between protocols, avoid freeing the same channel\ndescriptors twice when unloading the stack.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49853", url: "https://www.suse.com/security/cve/CVE-2024-49853", }, { category: "external", summary: "SUSE Bug 1232192 for CVE-2024-49853", url: "https://bugzilla.suse.com/1232192", }, { category: "external", summary: "SUSE Bug 1232828 for CVE-2024-49853", url: "https://bugzilla.suse.com/1232828", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49853", }, { cve: "CVE-2024-49854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49854", }, ], notes: [ { category: "general", text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49854", url: "https://www.suse.com/security/cve/CVE-2024-49854", }, { category: "external", summary: "SUSE Bug 1232193 for CVE-2024-49854", url: "https://bugzilla.suse.com/1232193", }, { category: "external", summary: "SUSE Bug 1236571 for CVE-2024-49854", url: "https://bugzilla.suse.com/1236571", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49854", }, { cve: "CVE-2024-49855", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49855", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix race between timeout and normal completion\n\nIf request timetout is handled by nbd_requeue_cmd(), normal completion\nhas to be stopped for avoiding to complete this requeued request, other\nuse-after-free can be triggered.\n\nFix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime\nmake sure that cmd->lock is grabbed for clearing the flag and the\nrequeue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49855", url: "https://www.suse.com/security/cve/CVE-2024-49855", }, { category: "external", summary: "SUSE Bug 1232195 for CVE-2024-49855", url: "https://bugzilla.suse.com/1232195", }, { category: "external", summary: "SUSE Bug 1232900 for CVE-2024-49855", url: "https://bugzilla.suse.com/1232900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49855", }, { cve: "CVE-2024-49856", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49856", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/sgx: Fix deadlock in SGX NUMA node search\n\nWhen the current node doesn't have an EPC section configured by firmware\nand all other EPC sections are used up, CPU can get stuck inside the\nwhile loop that looks for an available EPC page from remote nodes\nindefinitely, leading to a soft lockup. Note how nid_of_current will\nnever be equal to nid in that while loop because nid_of_current is not\nset in sgx_numa_mask.\n\nAlso worth mentioning is that it's perfectly fine for the firmware not\nto setup an EPC section on a node. While setting up an EPC section on\neach node can enhance performance, it is not a requirement for\nfunctionality.\n\nRework the loop to start and end on *a* node that has SGX memory. This\navoids the deadlock looking for the current SGX-lacking node to show up\nin the loop when it never will.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49856", url: "https://www.suse.com/security/cve/CVE-2024-49856", }, { category: "external", summary: "SUSE Bug 1232202 for CVE-2024-49856", url: "https://bugzilla.suse.com/1232202", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49856", }, { cve: "CVE-2024-49857", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49857", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: set the cipher for secured NDP ranging\n\nThe cipher pointer is not set, but is derefereced trying to set its\ncontent, which leads to a NULL pointer dereference.\nFix it by pointing to the cipher parameter before dereferencing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49857", url: "https://www.suse.com/security/cve/CVE-2024-49857", }, { category: "external", summary: "SUSE Bug 1232203 for CVE-2024-49857", url: "https://bugzilla.suse.com/1232203", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49857", }, { cve: "CVE-2024-49858", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49858", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nefistub/tpm: Use ACPI reclaim memory for event log to avoid corruption\n\nThe TPM event log table is a Linux specific construct, where the data\nproduced by the GetEventLog() boot service is cached in memory, and\npassed on to the OS using an EFI configuration table.\n\nThe use of EFI_LOADER_DATA here results in the region being left\nunreserved in the E820 memory map constructed by the EFI stub, and this\nis the memory description that is passed on to the incoming kernel by\nkexec, which is therefore unaware that the region should be reserved.\n\nEven though the utility of the TPM2 event log after a kexec is\nquestionable, any corruption might send the parsing code off into the\nweeds and crash the kernel. So let's use EFI_ACPI_RECLAIM_MEMORY\ninstead, which is always treated as reserved by the E820 conversion\nlogic.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49858", url: "https://www.suse.com/security/cve/CVE-2024-49858", }, { category: "external", summary: "SUSE Bug 1232251 for CVE-2024-49858", url: "https://bugzilla.suse.com/1232251", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49858", }, { cve: "CVE-2024-49859", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49859", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to check atomic_file in f2fs ioctl interfaces\n\nSome f2fs ioctl interfaces like f2fs_ioc_set_pin_file(),\nf2fs_move_file_range(), and f2fs_defragment_range() missed to\ncheck atomic_write status, which may cause potential race issue,\nfix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49859", url: "https://www.suse.com/security/cve/CVE-2024-49859", }, { category: "external", summary: "SUSE Bug 1232252 for CVE-2024-49859", url: "https://bugzilla.suse.com/1232252", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49859", }, { cve: "CVE-2024-49860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49860", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: sysfs: validate return type of _STR method\n\nOnly buffer objects are valid return values of _STR.\n\nIf something else is returned description_show() will access invalid\nmemory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49860", url: "https://www.suse.com/security/cve/CVE-2024-49860", }, { category: "external", summary: "SUSE Bug 1231861 for CVE-2024-49860", url: "https://bugzilla.suse.com/1231861", }, { category: "external", summary: "SUSE Bug 1231862 for CVE-2024-49860", url: "https://bugzilla.suse.com/1231862", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49860", }, { cve: "CVE-2024-49861", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49861", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix helper writes to read-only maps\n\nLonial found an issue that despite user- and BPF-side frozen BPF map\n(like in case of .rodata), it was still possible to write into it from\na BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT}\nas arguments.\n\nIn check_func_arg() when the argument is as mentioned, the meta->raw_mode\nis never set. Later, check_helper_mem_access(), under the case of\nPTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the\nsubsequent call to check_map_access_type() and given the BPF map is\nread-only it succeeds.\n\nThe helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT\nwhen results are written into them as opposed to read out of them. The\nlatter indicates that it's okay to pass a pointer to uninitialized memory\nas the memory is written to anyway.\n\nHowever, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM\njust with additional alignment requirement. So it is better to just get\nrid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the\nfixed size memory types. For this, add MEM_ALIGNED to additionally ensure\nalignment given these helpers write directly into the args via *<ptr> = val.\nThe .arg*_size has been initialized reflecting the actual sizeof(*<ptr>).\n\nMEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated\nargument types, since in !MEM_FIXED_SIZE cases the verifier does not know\nthe buffer size a priori and therefore cannot blindly write *<ptr> = val.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49861", url: "https://www.suse.com/security/cve/CVE-2024-49861", }, { category: "external", summary: "SUSE Bug 1232254 for CVE-2024-49861", url: "https://bugzilla.suse.com/1232254", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49861", }, { cve: "CVE-2024-49862", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49862", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: intel_rapl: Fix off by one in get_rpi()\n\nThe rp->priv->rpi array is either rpi_msr or rpi_tpmi which have\nNR_RAPL_PRIMITIVES number of elements. Thus the > needs to be >=\nto prevent an off by one access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49862", url: "https://www.suse.com/security/cve/CVE-2024-49862", }, { category: "external", summary: "SUSE Bug 1231871 for CVE-2024-49862", url: "https://bugzilla.suse.com/1231871", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49862", }, { cve: "CVE-2024-49863", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49863", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost/scsi: null-ptr-dereference in vhost_scsi_get_req()\n\nSince commit 3f8ca2e115e5 (\"vhost/scsi: Extract common handling code\nfrom control queue handler\") a null pointer dereference bug can be\ntriggered when guest sends an SCSI AN request.\n\nIn vhost_scsi_ctl_handle_vq(), `vc.target` is assigned with\n`&v_req.tmf.lun[1]` within a switch-case block and is then passed to\nvhost_scsi_get_req() which extracts `vc->req` and `tpg`. However, for\na `VIRTIO_SCSI_T_AN_*` request, tpg is not required, so `vc.target` is\nset to NULL in this branch. Later, in vhost_scsi_get_req(),\n`vc->target` is dereferenced without being checked, leading to a null\npointer dereference bug. This bug can be triggered from guest.\n\nWhen this bug occurs, the vhost_worker process is killed while holding\n`vq->mutex` and the corresponding tpg will remain occupied\nindefinitely.\n\nBelow is the KASAN report:\nOops: general protection fault, probably for non-canonical address\n0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 1 PID: 840 Comm: poc Not tainted 6.10.0+ #1\nHardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS\n1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:vhost_scsi_get_req+0x165/0x3a0\nCode: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 02 00 00\n48 b8 00 00 00 00 00 fc ff df 4d 8b 65 30 4c 89 e2 48 c1 ea 03 <0f> b6\n04 02 4c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 be 01 00 00\nRSP: 0018:ffff888017affb50 EFLAGS: 00010246\nRAX: dffffc0000000000 RBX: ffff88801b000000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888017affcb8\nRBP: ffff888017affb80 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888017affc88 R14: ffff888017affd1c R15: ffff888017993000\nFS: 000055556e076500(0000) GS:ffff88806b100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200027c0 CR3: 0000000010ed0004 CR4: 0000000000370ef0\nCall Trace:\n <TASK>\n ? show_regs+0x86/0xa0\n ? die_addr+0x4b/0xd0\n ? exc_general_protection+0x163/0x260\n ? asm_exc_general_protection+0x27/0x30\n ? vhost_scsi_get_req+0x165/0x3a0\n vhost_scsi_ctl_handle_vq+0x2a4/0xca0\n ? __pfx_vhost_scsi_ctl_handle_vq+0x10/0x10\n ? __switch_to+0x721/0xeb0\n ? __schedule+0xda5/0x5710\n ? __kasan_check_write+0x14/0x30\n ? _raw_spin_lock+0x82/0xf0\n vhost_scsi_ctl_handle_kick+0x52/0x90\n vhost_run_work_list+0x134/0x1b0\n vhost_task_fn+0x121/0x350\n...\n </TASK>\n---[ end trace 0000000000000000 ]---\n\nLet's add a check in vhost_scsi_get_req.\n\n[whitespace fixes]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49863", url: "https://www.suse.com/security/cve/CVE-2024-49863", }, { category: "external", summary: "SUSE Bug 1232255 for CVE-2024-49863", url: "https://bugzilla.suse.com/1232255", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49863", }, { cve: "CVE-2024-49864", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49864", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix a race between socket set up and I/O thread creation\n\nIn rxrpc_open_socket(), it sets up the socket and then sets up the I/O\nthread that will handle it. This is a problem, however, as there's a gap\nbetween the two phases in which a packet may come into rxrpc_encap_rcv()\nfrom the UDP packet but we oops when trying to wake the not-yet created I/O\nthread.\n\nAs a quick fix, just make rxrpc_encap_rcv() discard the packet if there's\nno I/O thread yet.\n\nA better, but more intrusive fix would perhaps be to rearrange things such\nthat the socket creation is done by the I/O thread.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49864", url: "https://www.suse.com/security/cve/CVE-2024-49864", }, { category: "external", summary: "SUSE Bug 1232256 for CVE-2024-49864", url: "https://bugzilla.suse.com/1232256", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49864", }, { cve: "CVE-2024-49865", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49865", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vm: move xa_alloc to prevent UAF\n\nEvil user can guess the next id of the vm before the ioctl completes and\nthen call vm destroy ioctl to trigger UAF since create ioctl is still\nreferencing the same vm. Move the xa_alloc all the way to the end to\nprevent this.\n\nv2:\n - Rebase\n\n(cherry picked from commit dcfd3971327f3ee92765154baebbaece833d3ca9)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49865", url: "https://www.suse.com/security/cve/CVE-2024-49865", }, { category: "external", summary: "SUSE Bug 1232257 for CVE-2024-49865", url: "https://bugzilla.suse.com/1232257", }, { category: "external", summary: "SUSE Bug 1232901 for CVE-2024-49865", url: "https://bugzilla.suse.com/1232901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49865", }, { cve: "CVE-2024-49866", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49866", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/timerlat: Fix a race during cpuhp processing\n\nThere is another found exception that the \"timerlat/1\" thread was\nscheduled on CPU0, and lead to timer corruption finally:\n\n```\nODEBUG: init active (active state 0) object: ffff888237c2e108 object type: hrtimer hint: timerlat_irq+0x0/0x220\nWARNING: CPU: 0 PID: 426 at lib/debugobjects.c:518 debug_print_object+0x7d/0xb0\nModules linked in:\nCPU: 0 UID: 0 PID: 426 Comm: timerlat/1 Not tainted 6.11.0-rc7+ #45\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nRIP: 0010:debug_print_object+0x7d/0xb0\n...\nCall Trace:\n <TASK>\n ? __warn+0x7c/0x110\n ? debug_print_object+0x7d/0xb0\n ? report_bug+0xf1/0x1d0\n ? prb_read_valid+0x17/0x20\n ? handle_bug+0x3f/0x70\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? debug_print_object+0x7d/0xb0\n ? debug_print_object+0x7d/0xb0\n ? __pfx_timerlat_irq+0x10/0x10\n __debug_object_init+0x110/0x150\n hrtimer_init+0x1d/0x60\n timerlat_main+0xab/0x2d0\n ? __pfx_timerlat_main+0x10/0x10\n kthread+0xb7/0xe0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x40\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n </TASK>\n```\n\nAfter tracing the scheduling event, it was discovered that the migration\nof the \"timerlat/1\" thread was performed during thread creation. Further\nanalysis confirmed that it is because the CPU online processing for\nosnoise is implemented through workers, which is asynchronous with the\noffline processing. When the worker was scheduled to create a thread, the\nCPU may has already been removed from the cpu_online_mask during the offline\nprocess, resulting in the inability to select the right CPU:\n\nT1 | T2\n[CPUHP_ONLINE] | cpu_device_down()\nosnoise_hotplug_workfn() |\n | cpus_write_lock()\n | takedown_cpu(1)\n | cpus_write_unlock()\n[CPUHP_OFFLINE] |\n cpus_read_lock() |\n start_kthread(1) |\n cpus_read_unlock() |\n\nTo fix this, skip online processing if the CPU is already offline.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49866", url: "https://www.suse.com/security/cve/CVE-2024-49866", }, { category: "external", summary: "SUSE Bug 1232259 for CVE-2024-49866", url: "https://bugzilla.suse.com/1232259", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49866", }, { cve: "CVE-2024-49867", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49867", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: wait for fixup workers before stopping cleaner kthread during umount\n\nDuring unmount, at close_ctree(), we have the following steps in this order:\n\n1) Park the cleaner kthread - this doesn't destroy the kthread, it basically\n halts its execution (wake ups against it work but do nothing);\n\n2) We stop the cleaner kthread - this results in freeing the respective\n struct task_struct;\n\n3) We call btrfs_stop_all_workers() which waits for any jobs running in all\n the work queues and then free the work queues.\n\nSyzbot reported a case where a fixup worker resulted in a crash when doing\na delayed iput on its inode while attempting to wake up the cleaner at\nbtrfs_add_delayed_iput(), because the task_struct of the cleaner kthread\nwas already freed. This can happen during unmount because we don't wait\nfor any fixup workers still running before we call kthread_stop() against\nthe cleaner kthread, which stops and free all its resources.\n\nFix this by waiting for any fixup workers at close_ctree() before we call\nkthread_stop() against the cleaner and run pending delayed iputs.\n\nThe stack traces reported by syzbot were the following:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065\n Read of size 8 at addr ffff8880272a8a18 by task kworker/u8:3/52\n\n CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.12.0-rc1-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n Workqueue: btrfs-fixup btrfs_work_helper\n Call Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]\n _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162\n class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]\n try_to_wake_up+0xb0/0x1480 kernel/sched/core.c:4154\n btrfs_writepage_fixup_worker+0xc16/0xdf0 fs/btrfs/inode.c:2842\n btrfs_work_helper+0x390/0xc50 fs/btrfs/async-thread.c:314\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>\n\n Allocated by task 2:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:319 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345\n kasan_slab_alloc include/linux/kasan.h:247 [inline]\n slab_post_alloc_hook mm/slub.c:4086 [inline]\n slab_alloc_node mm/slub.c:4135 [inline]\n kmem_cache_alloc_node_noprof+0x16b/0x320 mm/slub.c:4187\n alloc_task_struct_node kernel/fork.c:180 [inline]\n dup_task_struct+0x57/0x8c0 kernel/fork.c:1107\n copy_process+0x5d1/0x3d50 kernel/fork.c:2206\n kernel_clone+0x223/0x880 kernel/fork.c:2787\n kernel_thread+0x1bc/0x240 kernel/fork.c:2849\n create_kthread kernel/kthread.c:412 [inline]\n kthreadd+0x60d/0x810 kernel/kthread.c:765\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\n Freed by task 61:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:230 [inline]\n slab_free_h\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49867", url: "https://www.suse.com/security/cve/CVE-2024-49867", }, { category: "external", summary: "SUSE Bug 1232262 for CVE-2024-49867", url: "https://bugzilla.suse.com/1232262", }, { category: "external", summary: "SUSE Bug 1232271 for CVE-2024-49867", url: "https://bugzilla.suse.com/1232271", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49867", }, { cve: "CVE-2024-49868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49868", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a NULL pointer dereference when failed to start a new trasacntion\n\n[BUG]\nSyzbot reported a NULL pointer dereference with the following crash:\n\n FAULT_INJECTION: forcing a failure.\n start_transaction+0x830/0x1670 fs/btrfs/transaction.c:676\n prepare_to_relocate+0x31f/0x4c0 fs/btrfs/relocation.c:3642\n relocate_block_group+0x169/0xd20 fs/btrfs/relocation.c:3678\n ...\n BTRFS info (device loop0): balance: ended with status: -12\n Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cc: 0000 [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000660-0x0000000000000667]\n RIP: 0010:btrfs_update_reloc_root+0x362/0xa80 fs/btrfs/relocation.c:926\n Call Trace:\n <TASK>\n commit_fs_roots+0x2ee/0x720 fs/btrfs/transaction.c:1496\n btrfs_commit_transaction+0xfaf/0x3740 fs/btrfs/transaction.c:2430\n del_balance_item fs/btrfs/volumes.c:3678 [inline]\n reset_balance_state+0x25e/0x3c0 fs/btrfs/volumes.c:3742\n btrfs_balance+0xead/0x10c0 fs/btrfs/volumes.c:4574\n btrfs_ioctl_balance+0x493/0x7c0 fs/btrfs/ioctl.c:3673\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[CAUSE]\nThe allocation failure happens at the start_transaction() inside\nprepare_to_relocate(), and during the error handling we call\nunset_reloc_control(), which makes fs_info->balance_ctl to be NULL.\n\nThen we continue the error path cleanup in btrfs_balance() by calling\nreset_balance_state() which will call del_balance_item() to fully delete\nthe balance item in the root tree.\n\nHowever during the small window between set_reloc_contrl() and\nunset_reloc_control(), we can have a subvolume tree update and created a\nreloc_root for that subvolume.\n\nThen we go into the final btrfs_commit_transaction() of\ndel_balance_item(), and into btrfs_update_reloc_root() inside\ncommit_fs_roots().\n\nThat function checks if fs_info->reloc_ctl is in the merge_reloc_tree\nstage, but since fs_info->reloc_ctl is NULL, it results a NULL pointer\ndereference.\n\n[FIX]\nJust add extra check on fs_info->reloc_ctl inside\nbtrfs_update_reloc_root(), before checking\nfs_info->reloc_ctl->merge_reloc_tree.\n\nThat DEAD_RELOC_TREE handling is to prevent further modification to the\nreloc tree during merge stage, but since there is no reloc_ctl at all,\nwe do not need to bother that.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49868", url: "https://www.suse.com/security/cve/CVE-2024-49868", }, { category: "external", summary: "SUSE Bug 1232272 for CVE-2024-49868", url: "https://bugzilla.suse.com/1232272", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49868", }, { cve: "CVE-2024-49869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49869", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: send: fix buffer overflow detection when copying path to cache entry\n\nStarting with commit c0247d289e73 (\"btrfs: send: annotate struct\nname_cache_entry with __counted_by()\") we annotated the variable length\narray \"name\" from the name_cache_entry structure with __counted_by() to\nimprove overflow detection. However that alone was not correct, because\nthe length of that array does not match the \"name_len\" field - it matches\nthat plus 1 to include the NUL string terminator, so that makes a\nfortified kernel think there's an overflow and report a splat like this:\n\n strcpy: detected buffer overflow: 20 byte write of buffer size 19\n WARNING: CPU: 3 PID: 3310 at __fortify_report+0x45/0x50\n CPU: 3 UID: 0 PID: 3310 Comm: btrfs Not tainted 6.11.0-prnet #1\n Hardware name: CompuLab Ltd. sbc-ihsw/Intense-PC2 (IPC2), BIOS IPC2_3.330.7 X64 03/15/2018\n RIP: 0010:__fortify_report+0x45/0x50\n Code: 48 8b 34 (...)\n RSP: 0018:ffff97ebc0d6f650 EFLAGS: 00010246\n RAX: 7749924ef60fa600 RBX: ffff8bf5446a521a RCX: 0000000000000027\n RDX: 00000000ffffdfff RSI: ffff97ebc0d6f548 RDI: ffff8bf84e7a1cc8\n RBP: ffff8bf548574080 R08: ffffffffa8c40e10 R09: 0000000000005ffd\n R10: 0000000000000004 R11: ffffffffa8c70e10 R12: ffff8bf551eef400\n R13: 0000000000000000 R14: 0000000000000013 R15: 00000000000003a8\n FS: 00007fae144de8c0(0000) GS:ffff8bf84e780000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fae14691690 CR3: 00000001027a2003 CR4: 00000000001706f0\n Call Trace:\n <TASK>\n ? __warn+0x12a/0x1d0\n ? __fortify_report+0x45/0x50\n ? report_bug+0x154/0x1c0\n ? handle_bug+0x42/0x70\n ? exc_invalid_op+0x1a/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? __fortify_report+0x45/0x50\n __fortify_panic+0x9/0x10\n __get_cur_name_and_parent+0x3bc/0x3c0\n get_cur_path+0x207/0x3b0\n send_extent_data+0x709/0x10d0\n ? find_parent_nodes+0x22df/0x25d0\n ? mas_nomem+0x13/0x90\n ? mtree_insert_range+0xa5/0x110\n ? btrfs_lru_cache_store+0x5f/0x1e0\n ? iterate_extent_inodes+0x52d/0x5a0\n process_extent+0xa96/0x11a0\n ? __pfx_lookup_backref_cache+0x10/0x10\n ? __pfx_store_backref_cache+0x10/0x10\n ? __pfx_iterate_backrefs+0x10/0x10\n ? __pfx_check_extent_item+0x10/0x10\n changed_cb+0x6fa/0x930\n ? tree_advance+0x362/0x390\n ? memcmp_extent_buffer+0xd7/0x160\n send_subvol+0xf0a/0x1520\n btrfs_ioctl_send+0x106b/0x11d0\n ? __pfx___clone_root_cmp_sort+0x10/0x10\n _btrfs_ioctl_send+0x1ac/0x240\n btrfs_ioctl+0x75b/0x850\n __se_sys_ioctl+0xca/0x150\n do_syscall_64+0x85/0x160\n ? __count_memcg_events+0x69/0x100\n ? handle_mm_fault+0x1327/0x15c0\n ? __se_sys_rt_sigprocmask+0xf1/0x180\n ? syscall_exit_to_user_mode+0x75/0xa0\n ? do_syscall_64+0x91/0x160\n ? do_user_addr_fault+0x21d/0x630\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7fae145eeb4f\n Code: 00 48 89 (...)\n RSP: 002b:00007ffdf1cb09b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fae145eeb4f\n RDX: 00007ffdf1cb0ad0 RSI: 0000000040489426 RDI: 0000000000000004\n RBP: 00000000000078fe R08: 00007fae144006c0 R09: 00007ffdf1cb0927\n R10: 0000000000000008 R11: 0000000000000246 R12: 00007ffdf1cb1ce8\n R13: 0000000000000003 R14: 000055c499fab2e0 R15: 0000000000000004\n </TASK>\n\nFix this by not storing the NUL string terminator since we don't actually\nneed it for name cache entries, this way \"name_len\" corresponds to the\nactual size of the \"name\" array. This requires marking the \"name\" array\nfield with __nonstring and using memcpy() instead of strcpy() as\nrecommended by the guidelines at:\n\n https://github.com/KSPP/linux/issues/90", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49869", url: "https://www.suse.com/security/cve/CVE-2024-49869", }, { category: "external", summary: "SUSE Bug 1232278 for CVE-2024-49869", url: "https://bugzilla.suse.com/1232278", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49869", }, { cve: "CVE-2024-49870", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49870", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix dentry leak in cachefiles_open_file()\n\nA dentry leak may be caused when a lookup cookie and a cull are concurrent:\n\n P1 | P2\n-----------------------------------------------------------\ncachefiles_lookup_cookie\n cachefiles_look_up_object\n lookup_one_positive_unlocked\n // get dentry\n cachefiles_cull\n inode->i_flags |= S_KERNEL_FILE;\n cachefiles_open_file\n cachefiles_mark_inode_in_use\n __cachefiles_mark_inode_in_use\n can_use = false\n if (!(inode->i_flags & S_KERNEL_FILE))\n can_use = true\n\t return false\n return false\n // Returns an error but doesn't put dentry\n\nAfter that the following WARNING will be triggered when the backend folder\nis umounted:\n\n==================================================================\nBUG: Dentry 000000008ad87947{i=7a,n=Dx_1_1.img} still in use (1) [unmount of ext4 sda]\nWARNING: CPU: 4 PID: 359261 at fs/dcache.c:1767 umount_check+0x5d/0x70\nCPU: 4 PID: 359261 Comm: umount Not tainted 6.6.0-dirty #25\nRIP: 0010:umount_check+0x5d/0x70\nCall Trace:\n <TASK>\n d_walk+0xda/0x2b0\n do_one_tree+0x20/0x40\n shrink_dcache_for_umount+0x2c/0x90\n generic_shutdown_super+0x20/0x160\n kill_block_super+0x1a/0x40\n ext4_kill_sb+0x22/0x40\n deactivate_locked_super+0x35/0x80\n cleanup_mnt+0x104/0x160\n==================================================================\n\nWhether cachefiles_open_file() returns true or false, the reference count\nobtained by lookup_positive_unlocked() in cachefiles_look_up_object()\nshould be released.\n\nTherefore release that reference count in cachefiles_look_up_object() to\nfix the above issue and simplify the code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49870", url: "https://www.suse.com/security/cve/CVE-2024-49870", }, { category: "external", summary: "SUSE Bug 1232279 for CVE-2024-49870", url: "https://bugzilla.suse.com/1232279", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49870", }, { cve: "CVE-2024-49871", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49871", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: adp5589-keys - fix NULL pointer dereference\n\nWe register a devm action to call adp5589_clear_config() and then pass\nthe i2c client as argument so that we can call i2c_get_clientdata() in\norder to get our device object. However, i2c_set_clientdata() is only\nbeing set at the end of the probe function which means that we'll get a\nNULL pointer dereference in case the probe function fails early.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49871", url: "https://www.suse.com/security/cve/CVE-2024-49871", }, { category: "external", summary: "SUSE Bug 1232287 for CVE-2024-49871", url: "https://bugzilla.suse.com/1232287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49871", }, { cve: "CVE-2024-49872", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49872", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/gup: fix memfd_pin_folios alloc race panic\n\nIf memfd_pin_folios tries to create a hugetlb page, but someone else\nalready did, then folio gets the value -EEXIST here:\n\n folio = memfd_alloc_folio(memfd, start_idx);\n if (IS_ERR(folio)) {\n ret = PTR_ERR(folio);\n if (ret != -EEXIST)\n goto err;\n\nthen on the next trip through the \"while start_idx\" loop we panic here:\n\n if (folio) {\n folio_put(folio);\n\nTo fix, set the folio to NULL on error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49872", url: "https://www.suse.com/security/cve/CVE-2024-49872", }, { category: "external", summary: "SUSE Bug 1232288 for CVE-2024-49872", url: "https://bugzilla.suse.com/1232288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49872", }, { cve: "CVE-2024-49873", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49873", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/filemap: fix filemap_get_folios_contig THP panic\n\nPatch series \"memfd-pin huge page fixes\".\n\nFix multiple bugs that occur when using memfd_pin_folios with hugetlb\npages and THP. The hugetlb bugs only bite when the page is not yet\nfaulted in when memfd_pin_folios is called. The THP bug bites when the\nstarting offset passed to memfd_pin_folios is not huge page aligned. See\nthe commit messages for details.\n\n\nThis patch (of 5):\n\nmemfd_pin_folios on memory backed by THP panics if the requested start\noffset is not huge page aligned:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000036\nRIP: 0010:filemap_get_folios_contig+0xdf/0x290\nRSP: 0018:ffffc9002092fbe8 EFLAGS: 00010202\nRAX: 0000000000000002 RBX: 0000000000000002 RCX: 0000000000000002\n\nThe fault occurs here, because xas_load returns a folio with value 2:\n\n filemap_get_folios_contig()\n for (folio = xas_load(&xas); folio && xas.xa_index <= end;\n folio = xas_next(&xas)) {\n ...\n if (!folio_try_get(folio)) <-- BOOM\n\n\"2\" is an xarray sibling entry. We get it because memfd_pin_folios does\nnot round the indices passed to filemap_get_folios_contig to huge page\nboundaries for THP, so we load from the middle of a huge page range see a\nsibling. (It does round for hugetlbfs, at the is_file_hugepages test).\n\nTo fix, if the folio is a sibling, then return the next index as the\nstarting point for the next call to filemap_get_folios_contig.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49873", url: "https://www.suse.com/security/cve/CVE-2024-49873", }, { category: "external", summary: "SUSE Bug 1232291 for CVE-2024-49873", url: "https://bugzilla.suse.com/1232291", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49873", }, { cve: "CVE-2024-49874", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49874", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition\n\nIn the svc_i3c_master_probe function, &master->hj_work is bound with\nsvc_i3c_master_hj_work, &master->ibi_work is bound with\nsvc_i3c_master_ibi_work. And svc_i3c_master_ibi_work can start the\nhj_work, svc_i3c_master_irq_handler can start the ibi_work.\n\nIf we remove the module which will call svc_i3c_master_remove to\nmake cleanup, it will free master->base through i3c_master_unregister\nwhile the work mentioned above will be used. The sequence of operations\nthat may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | svc_i3c_master_hj_work\nsvc_i3c_master_remove |\ni3c_master_unregister(&master->base)|\ndevice_unregister(&master->dev) |\ndevice_release |\n//free master->base |\n | i3c_master_do_daa(&master->base)\n | //use master->base\n\nFix it by ensuring that the work is canceled before proceeding with the\ncleanup in svc_i3c_master_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49874", url: "https://www.suse.com/security/cve/CVE-2024-49874", }, { category: "external", summary: "SUSE Bug 1232295 for CVE-2024-49874", url: "https://bugzilla.suse.com/1232295", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49874", }, { cve: "CVE-2024-49875", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49875", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: map the EBADMSG to nfserr_io to avoid warning\n\nExt4 will throw -EBADMSG through ext4_readdir when a checksum error\noccurs, resulting in the following WARNING.\n\nFix it by mapping EBADMSG to nfserr_io.\n\nnfsd_buffered_readdir\n iterate_dir // -EBADMSG -74\n ext4_readdir // .iterate_shared\n ext4_dx_readdir\n ext4_htree_fill_tree\n htree_dirblock_to_tree\n ext4_read_dirblock\n __ext4_read_dirblock\n ext4_dirblock_csum_verify\n warn_no_space_for_csum\n __warn_no_space_for_csum\n return ERR_PTR(-EFSBADCRC) // -EBADMSG -74\n nfserrno // WARNING\n\n[ 161.115610] ------------[ cut here ]------------\n[ 161.116465] nfsd: non-standard errno: -74\n[ 161.117315] WARNING: CPU: 1 PID: 780 at fs/nfsd/nfsproc.c:878 nfserrno+0x9d/0xd0\n[ 161.118596] Modules linked in:\n[ 161.119243] CPU: 1 PID: 780 Comm: nfsd Not tainted 5.10.0-00014-g79679361fd5d #138\n[ 161.120684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qe\nmu.org 04/01/2014\n[ 161.123601] RIP: 0010:nfserrno+0x9d/0xd0\n[ 161.124676] Code: 0f 87 da 30 dd 00 83 e3 01 b8 00 00 00 05 75 d7 44 89 ee 48 c7 c7 c0 57 24 98 89 44 24 04 c6\n 05 ce 2b 61 03 01 e8 99 20 d8 00 <0f> 0b 8b 44 24 04 eb b5 4c 89 e6 48 c7 c7 a0 6d a4 99 e8 cc 15 33\n[ 161.127797] RSP: 0018:ffffc90000e2f9c0 EFLAGS: 00010286\n[ 161.128794] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[ 161.130089] RDX: 1ffff1103ee16f6d RSI: 0000000000000008 RDI: fffff520001c5f2a\n[ 161.131379] RBP: 0000000000000022 R08: 0000000000000001 R09: ffff8881f70c1827\n[ 161.132664] R10: ffffed103ee18304 R11: 0000000000000001 R12: 0000000000000021\n[ 161.133949] R13: 00000000ffffffb6 R14: ffff8881317c0000 R15: ffffc90000e2fbd8\n[ 161.135244] FS: 0000000000000000(0000) GS:ffff8881f7080000(0000) knlGS:0000000000000000\n[ 161.136695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 161.137761] CR2: 00007fcaad70b348 CR3: 0000000144256006 CR4: 0000000000770ee0\n[ 161.139041] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 161.140291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 161.141519] PKRU: 55555554\n[ 161.142076] Call Trace:\n[ 161.142575] ? __warn+0x9b/0x140\n[ 161.143229] ? nfserrno+0x9d/0xd0\n[ 161.143872] ? report_bug+0x125/0x150\n[ 161.144595] ? handle_bug+0x41/0x90\n[ 161.145284] ? exc_invalid_op+0x14/0x70\n[ 161.146009] ? asm_exc_invalid_op+0x12/0x20\n[ 161.146816] ? nfserrno+0x9d/0xd0\n[ 161.147487] nfsd_buffered_readdir+0x28b/0x2b0\n[ 161.148333] ? nfsd4_encode_dirent_fattr+0x380/0x380\n[ 161.149258] ? nfsd_buffered_filldir+0xf0/0xf0\n[ 161.150093] ? wait_for_concurrent_writes+0x170/0x170\n[ 161.151004] ? generic_file_llseek_size+0x48/0x160\n[ 161.151895] nfsd_readdir+0x132/0x190\n[ 161.152606] ? nfsd4_encode_dirent_fattr+0x380/0x380\n[ 161.153516] ? nfsd_unlink+0x380/0x380\n[ 161.154256] ? override_creds+0x45/0x60\n[ 161.155006] nfsd4_encode_readdir+0x21a/0x3d0\n[ 161.155850] ? nfsd4_encode_readlink+0x210/0x210\n[ 161.156731] ? write_bytes_to_xdr_buf+0x97/0xe0\n[ 161.157598] ? __write_bytes_to_xdr_buf+0xd0/0xd0\n[ 161.158494] ? lock_downgrade+0x90/0x90\n[ 161.159232] ? nfs4svc_decode_voidarg+0x10/0x10\n[ 161.160092] nfsd4_encode_operation+0x15a/0x440\n[ 161.160959] nfsd4_proc_compound+0x718/0xe90\n[ 161.161818] nfsd_dispatch+0x18e/0x2c0\n[ 161.162586] svc_process_common+0x786/0xc50\n[ 161.163403] ? nfsd_svc+0x380/0x380\n[ 161.164137] ? svc_printk+0x160/0x160\n[ 161.164846] ? svc_xprt_do_enqueue.part.0+0x365/0x380\n[ 161.165808] ? nfsd_svc+0x380/0x380\n[ 161.166523] ? rcu_is_watching+0x23/0x40\n[ 161.167309] svc_process+0x1a5/0x200\n[ 161.168019] nfsd+0x1f5/0x380\n[ 161.168663] ? nfsd_shutdown_threads+0x260/0x260\n[ 161.169554] kthread+0x1c4/0x210\n[ 161.170224] ? kthread_insert_work_sanity_check+0x80/0x80\n[ 161.171246] ret_from_fork+0x1f/0x30", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49875", url: "https://www.suse.com/security/cve/CVE-2024-49875", }, { category: "external", summary: "SUSE Bug 1232333 for CVE-2024-49875", url: "https://bugzilla.suse.com/1232333", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-49875", }, { cve: "CVE-2024-49876", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49876", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: fix UAF around queue destruction\n\nWe currently do stuff like queuing the final destruction step on a\nrandom system wq, which will outlive the driver instance. With bad\ntiming we can teardown the driver with one or more work workqueue still\nbeing alive leading to various UAF splats. Add a fini step to ensure\nuser queues are properly torn down. At this point GuC should already be\nnuked so queue itself should no longer be referenced from hw pov.\n\nv2 (Matt B)\n - Looks much safer to use a waitqueue and then just wait for the\n xa_array to become empty before triggering the drain.\n\n(cherry picked from commit 861108666cc0e999cffeab6aff17b662e68774e3)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49876", url: "https://www.suse.com/security/cve/CVE-2024-49876", }, { category: "external", summary: "SUSE Bug 1232336 for CVE-2024-49876", url: "https://bugzilla.suse.com/1232336", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49876", }, { cve: "CVE-2024-49877", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49877", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate\n\nWhen doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger\nNULL pointer dereference in the following ocfs2_set_buffer_uptodate() if\nbh is NULL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49877", url: "https://www.suse.com/security/cve/CVE-2024-49877", }, { category: "external", summary: "SUSE Bug 1232339 for CVE-2024-49877", url: "https://bugzilla.suse.com/1232339", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49877", }, { cve: "CVE-2024-49878", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49878", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nresource: fix region_intersects() vs add_memory_driver_managed()\n\nOn a system with CXL memory, the resource tree (/proc/iomem) related to\nCXL memory may look like something as follows.\n\n490000000-50fffffff : CXL Window 0\n 490000000-50fffffff : region0\n 490000000-50fffffff : dax0.0\n 490000000-50fffffff : System RAM (kmem)\n\nBecause drivers/dax/kmem.c calls add_memory_driver_managed() during\nonlining CXL memory, which makes \"System RAM (kmem)\" a descendant of \"CXL\nWindow X\". This confuses region_intersects(), which expects all \"System\nRAM\" resources to be at the top level of iomem_resource. This can lead to\nbugs.\n\nFor example, when the following command line is executed to write some\nmemory in CXL memory range via /dev/mem,\n\n $ dd if=data of=/dev/mem bs=$((1 << 10)) seek=$((0x490000000 >> 10)) count=1\n dd: error writing '/dev/mem': Bad address\n 1+0 records in\n 0+0 records out\n 0 bytes copied, 0.0283507 s, 0.0 kB/s\n\nthe command fails as expected. However, the error code is wrong. It\nshould be \"Operation not permitted\" instead of \"Bad address\". More\nseriously, the /dev/mem permission checking in devmem_is_allowed() passes\nincorrectly. Although the accessing is prevented later because ioremap()\nisn't allowed to map system RAM, it is a potential security issue. During\ncommand executing, the following warning is reported in the kernel log for\ncalling ioremap() on system RAM.\n\n ioremap on RAM at 0x0000000490000000 - 0x0000000490000fff\n WARNING: CPU: 2 PID: 416 at arch/x86/mm/ioremap.c:216 __ioremap_caller.constprop.0+0x131/0x35d\n Call Trace:\n memremap+0xcb/0x184\n xlate_dev_mem_ptr+0x25/0x2f\n write_mem+0x94/0xfb\n vfs_write+0x128/0x26d\n ksys_write+0xac/0xfe\n do_syscall_64+0x9a/0xfd\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nThe details of command execution process are as follows. In the above\nresource tree, \"System RAM\" is a descendant of \"CXL Window 0\" instead of a\ntop level resource. So, region_intersects() will report no System RAM\nresources in the CXL memory region incorrectly, because it only checks the\ntop level resources. Consequently, devmem_is_allowed() will return 1\n(allow access via /dev/mem) for CXL memory region incorrectly. \nFortunately, ioremap() doesn't allow to map System RAM and reject the\naccess.\n\nSo, region_intersects() needs to be fixed to work correctly with the\nresource tree with \"System RAM\" not at top level as above. To fix it, if\nwe found a unmatched resource in the top level, we will continue to search\nmatched resources in its descendant resources. So, we will not miss any\nmatched resources in resource tree anymore.\n\nIn the new implementation, an example resource tree\n\n|------------- \"CXL Window 0\" ------------|\n|-- \"System RAM\" --|\n\nwill behave similar as the following fake resource tree for\nregion_intersects(, IORESOURCE_SYSTEM_RAM, ),\n\n|-- \"System RAM\" --||-- \"CXL Window 0a\" --|\n\nWhere \"CXL Window 0a\" is part of the original \"CXL Window 0\" that\nisn't covered by \"System RAM\".", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49878", url: "https://www.suse.com/security/cve/CVE-2024-49878", }, { category: "external", summary: "SUSE Bug 1232340 for CVE-2024-49878", url: "https://bugzilla.suse.com/1232340", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49878", }, { cve: "CVE-2024-49879", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49879", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: omapdrm: Add missing check for alloc_ordered_workqueue\n\nAs it may return NULL pointer and cause NULL pointer dereference. Add check\nfor the return value of alloc_ordered_workqueue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49879", url: "https://www.suse.com/security/cve/CVE-2024-49879", }, { category: "external", summary: "SUSE Bug 1232349 for CVE-2024-49879", url: "https://bugzilla.suse.com/1232349", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49879", }, { cve: "CVE-2024-49880", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49880", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off by one issue in alloc_flex_gd()\n\nWesley reported an issue:\n\n==================================================================\nEXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks\n------------[ cut here ]------------\nkernel BUG at fs/ext4/resize.c:324!\nCPU: 9 UID: 0 PID: 3576 Comm: resize2fs Not tainted 6.11.0+ #27\nRIP: 0010:ext4_resize_fs+0x1212/0x12d0\nCall Trace:\n __ext4_ioctl+0x4e0/0x1800\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0x99/0xd0\n x64_sys_call+0x1206/0x20d0\n do_syscall_64+0x72/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n==================================================================\n\nWhile reviewing the patch, Honza found that when adjusting resize_bg in\nalloc_flex_gd(), it was possible for flex_gd->resize_bg to be bigger than\nflexbg_size.\n\nThe reproduction of the problem requires the following:\n\n o_group = flexbg_size * 2 * n;\n o_size = (o_group + 1) * group_size;\n n_group: [o_group + flexbg_size, o_group + flexbg_size * 2)\n o_size = (n_group + 1) * group_size;\n\nTake n=0,flexbg_size=16 as an example:\n\n last:15\n|o---------------|--------------n-|\no_group:0 resize to n_group:30\n\nThe corresponding reproducer is:\n\nimg=test.img\nrm -f $img\ntruncate -s 600M $img\nmkfs.ext4 -F $img -b 1024 -G 16 8M\ndev=`losetup -f --show $img`\nmkdir -p /tmp/test\nmount $dev /tmp/test\nresize2fs $dev 248M\n\nDelete the problematic plus 1 to fix the issue, and add a WARN_ON_ONCE()\nto prevent the issue from happening again.\n\n[ Note: another reproucer which this commit fixes is:\n\n img=test.img\n rm -f $img\n truncate -s 25MiB $img\n mkfs.ext4 -b 4096 -E nodiscard,lazy_itable_init=0,lazy_journal_init=0 $img\n truncate -s 3GiB $img\n dev=`losetup -f --show $img`\n mkdir -p /tmp/test\n mount $dev /tmp/test\n resize2fs $dev 3G\n umount $dev\n losetup -d $dev\n\n -- TYT ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49880", url: "https://www.suse.com/security/cve/CVE-2024-49880", }, { category: "external", summary: "SUSE Bug 1232205 for CVE-2024-49880", url: "https://bugzilla.suse.com/1232205", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49880", }, { cve: "CVE-2024-49881", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49881", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: update orig_path in ext4_find_extent()\n\nIn ext4_find_extent(), if the path is not big enough, we free it and set\n*orig_path to NULL. But after reallocating and successfully initializing\nthe path, we don't update *orig_path, in which case the caller gets a\nvalid path but a NULL ppath, and this may cause a NULL pointer dereference\nor a path memory leak. For example:\n\next4_split_extent\n path = *ppath = 2000\n ext4_find_extent\n if (depth > path[0].p_maxdepth)\n kfree(path = 2000);\n *orig_path = path = NULL;\n path = kcalloc() = 3000\n ext4_split_extent_at(*ppath = NULL)\n path = *ppath;\n ex = path[depth].p_ext;\n // NULL pointer dereference!\n\n==================================================================\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nCPU: 6 UID: 0 PID: 576 Comm: fsstress Not tainted 6.11.0-rc2-dirty #847\nRIP: 0010:ext4_split_extent_at+0x6d/0x560\nCall Trace:\n <TASK>\n ext4_split_extent.isra.0+0xcb/0x1b0\n ext4_ext_convert_to_initialized+0x168/0x6c0\n ext4_ext_handle_unwritten_extents+0x325/0x4d0\n ext4_ext_map_blocks+0x520/0xdb0\n ext4_map_blocks+0x2b0/0x690\n ext4_iomap_begin+0x20e/0x2c0\n[...]\n==================================================================\n\nTherefore, *orig_path is updated when the extent lookup succeeds, so that\nthe caller can safely use path or *ppath.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49881", url: "https://www.suse.com/security/cve/CVE-2024-49881", }, { category: "external", summary: "SUSE Bug 1232201 for CVE-2024-49881", url: "https://bugzilla.suse.com/1232201", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49881", }, { cve: "CVE-2024-49882", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49882", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double brelse() the buffer of the extents path\n\nIn ext4_ext_try_to_merge_up(), set path[1].p_bh to NULL after it has been\nreleased, otherwise it may be released twice. An example of what triggers\nthis is as follows:\n\n split2 map split1\n|--------|-------|--------|\n\next4_ext_map_blocks\n ext4_ext_handle_unwritten_extents\n ext4_split_convert_extents\n // path->p_depth == 0\n ext4_split_extent\n // 1. do split1\n ext4_split_extent_at\n |ext4_ext_insert_extent\n | ext4_ext_create_new_leaf\n | ext4_ext_grow_indepth\n | le16_add_cpu(&neh->eh_depth, 1)\n | ext4_find_extent\n | // return -ENOMEM\n |// get error and try zeroout\n |path = ext4_find_extent\n | path->p_depth = 1\n |ext4_ext_try_to_merge\n | ext4_ext_try_to_merge_up\n | path->p_depth = 0\n | brelse(path[1].p_bh) ---> not set to NULL here\n |// zeroout success\n // 2. update path\n ext4_find_extent\n // 3. do split2\n ext4_split_extent_at\n ext4_ext_insert_extent\n ext4_ext_create_new_leaf\n ext4_ext_grow_indepth\n le16_add_cpu(&neh->eh_depth, 1)\n ext4_find_extent\n path[0].p_bh = NULL;\n path->p_depth = 1\n read_extent_tree_block ---> return err\n // path[1].p_bh is still the old value\n ext4_free_ext_path\n ext4_ext_drop_refs\n // path->p_depth == 1\n brelse(path[1].p_bh) ---> brelse a buffer twice\n\nFinally got the following WARRNING when removing the buffer from lru:\n\n============================================\nVFS: brelse: Trying to free free buffer\nWARNING: CPU: 2 PID: 72 at fs/buffer.c:1241 __brelse+0x58/0x90\nCPU: 2 PID: 72 Comm: kworker/u19:1 Not tainted 6.9.0-dirty #716\nRIP: 0010:__brelse+0x58/0x90\nCall Trace:\n <TASK>\n __find_get_block+0x6e7/0x810\n bdev_getblk+0x2b/0x480\n __ext4_get_inode_loc+0x48a/0x1240\n ext4_get_inode_loc+0xb2/0x150\n ext4_reserve_inode_write+0xb7/0x230\n __ext4_mark_inode_dirty+0x144/0x6a0\n ext4_ext_insert_extent+0x9c8/0x3230\n ext4_ext_map_blocks+0xf45/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n============================================", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49882", url: "https://www.suse.com/security/cve/CVE-2024-49882", }, { category: "external", summary: "SUSE Bug 1232200 for CVE-2024-49882", url: "https://bugzilla.suse.com/1232200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49882", }, { cve: "CVE-2024-49883", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49883", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: aovid use-after-free in ext4_ext_insert_extent()\n\nAs Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is\nreallocated in ext4_ext_create_new_leaf(), we'll use the stale path and\ncause UAF. Below is a sample trace with dummy values:\n\next4_ext_insert_extent\n path = *ppath = 2000\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(ppath)\n path = *ppath = 2000\n if (depth > path[0].p_maxdepth)\n kfree(path = 2000);\n *ppath = path = NULL;\n path = kcalloc() = 3000\n *ppath = 3000;\n return path;\n /* here path is still 2000, UAF! */\n eh = path[depth].p_hdr\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_ext_insert_extent+0x26d4/0x3330\nRead of size 8 at addr ffff8881027bf7d0 by task kworker/u36:1/179\nCPU: 3 UID: 0 PID: 179 Comm: kworker/u6:1 Not tainted 6.11.0-rc2-dirty #866\nCall Trace:\n <TASK>\n ext4_ext_insert_extent+0x26d4/0x3330\n ext4_ext_map_blocks+0xe22/0x2d40\n ext4_map_blocks+0x71e/0x1700\n ext4_do_writepages+0x1290/0x2800\n[...]\n\nAllocated by task 179:\n ext4_find_extent+0x81c/0x1f70\n ext4_ext_map_blocks+0x146/0x2d40\n ext4_map_blocks+0x71e/0x1700\n ext4_do_writepages+0x1290/0x2800\n ext4_writepages+0x26d/0x4e0\n do_writepages+0x175/0x700\n[...]\n\nFreed by task 179:\n kfree+0xcb/0x240\n ext4_find_extent+0x7c0/0x1f70\n ext4_ext_insert_extent+0xa26/0x3330\n ext4_ext_map_blocks+0xe22/0x2d40\n ext4_map_blocks+0x71e/0x1700\n ext4_do_writepages+0x1290/0x2800\n ext4_writepages+0x26d/0x4e0\n do_writepages+0x175/0x700\n[...]\n==================================================================\n\nSo use *ppath to update the path to avoid the above problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49883", url: "https://www.suse.com/security/cve/CVE-2024-49883", }, { category: "external", summary: "SUSE Bug 1232199 for CVE-2024-49883", url: "https://bugzilla.suse.com/1232199", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49883", }, { cve: "CVE-2024-49884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49884", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n <TASK>\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path->p_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49884", url: "https://www.suse.com/security/cve/CVE-2024-49884", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-49884", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232198 for CVE-2024-49884", url: "https://bugzilla.suse.com/1232198", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49884", }, { cve: "CVE-2024-49885", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49885", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm, slub: avoid zeroing kmalloc redzone\n\nSince commit 946fa0dbf2d8 (\"mm/slub: extend redzone check to extra\nallocated kmalloc space than requested\"), setting orig_size treats\nthe wasted space (object_size - orig_size) as a redzone. However with\ninit_on_free=1 we clear the full object->size, including the redzone.\n\nAdditionally we clear the object metadata, including the stored orig_size,\nmaking it zero, which makes check_object() treat the whole object as a\nredzone.\n\nThese issues lead to the following BUG report with \"slub_debug=FUZ\ninit_on_free=1\":\n\n[ 0.000000] =============================================================================\n[ 0.000000] BUG kmalloc-8 (Not tainted): kmalloc Redzone overwritten\n[ 0.000000] -----------------------------------------------------------------------------\n[ 0.000000]\n[ 0.000000] 0xffff000010032858-0xffff00001003285f @offset=2136. First byte 0x0 instead of 0xcc\n[ 0.000000] FIX kmalloc-8: Restoring kmalloc Redzone 0xffff000010032858-0xffff00001003285f=0xcc\n[ 0.000000] Slab 0xfffffdffc0400c80 objects=36 used=23 fp=0xffff000010032a18 flags=0x3fffe0000000200(workingset|node=0|zone=0|lastcpupid=0x1ffff)\n[ 0.000000] Object 0xffff000010032858 @offset=2136 fp=0xffff0000100328c8\n[ 0.000000]\n[ 0.000000] Redzone ffff000010032850: cc cc cc cc cc cc cc cc ........\n[ 0.000000] Object ffff000010032858: cc cc cc cc cc cc cc cc ........\n[ 0.000000] Redzone ffff000010032860: cc cc cc cc cc cc cc cc ........\n[ 0.000000] Padding ffff0000100328b4: 00 00 00 00 00 00 00 00 00 00 00 00 ............\n[ 0.000000] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.11.0-rc3-next-20240814-00004-g61844c55c3f4 #144\n[ 0.000000] Hardware name: NXP i.MX95 19X19 board (DT)\n[ 0.000000] Call trace:\n[ 0.000000] dump_backtrace+0x90/0xe8\n[ 0.000000] show_stack+0x18/0x24\n[ 0.000000] dump_stack_lvl+0x74/0x8c\n[ 0.000000] dump_stack+0x18/0x24\n[ 0.000000] print_trailer+0x150/0x218\n[ 0.000000] check_object+0xe4/0x454\n[ 0.000000] free_to_partial_list+0x2f8/0x5ec\n\nTo address the issue, use orig_size to clear the used area. And restore\nthe value of orig_size after clear the remaining area.\n\nWhen CONFIG_SLUB_DEBUG not defined, (get_orig_size()' directly returns\ns->object_size. So when using memset to init the area, the size can simply\nbe orig_size, as orig_size returns object_size when CONFIG_SLUB_DEBUG not\nenabled. And orig_size can never be bigger than object_size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49885", url: "https://www.suse.com/security/cve/CVE-2024-49885", }, { category: "external", summary: "SUSE Bug 1232197 for CVE-2024-49885", url: "https://bugzilla.suse.com/1232197", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49885", }, { cve: "CVE-2024-49886", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49886", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug\n\nAttaching SST PCI device to VM causes \"BUG: KASAN: slab-out-of-bounds\".\nkasan report:\n[ 19.411889] ==================================================================\n[ 19.413702] BUG: KASAN: slab-out-of-bounds in _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.415634] Read of size 8 at addr ffff888829e65200 by task cpuhp/16/113\n[ 19.417368]\n[ 19.418627] CPU: 16 PID: 113 Comm: cpuhp/16 Tainted: G E 6.9.0 #10\n[ 19.420435] Hardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.20192059.B64.2207280713 07/28/2022\n[ 19.422687] Call Trace:\n[ 19.424091] <TASK>\n[ 19.425448] dump_stack_lvl+0x5d/0x80\n[ 19.426963] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.428694] print_report+0x19d/0x52e\n[ 19.430206] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ 19.431837] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.433539] kasan_report+0xf0/0x170\n[ 19.435019] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.436709] _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common]\n[ 19.438379] ? __pfx_sched_clock_cpu+0x10/0x10\n[ 19.439910] isst_if_cpu_online+0x406/0x58f [isst_if_common]\n[ 19.441573] ? __pfx_isst_if_cpu_online+0x10/0x10 [isst_if_common]\n[ 19.443263] ? ttwu_queue_wakelist+0x2c1/0x360\n[ 19.444797] cpuhp_invoke_callback+0x221/0xec0\n[ 19.446337] cpuhp_thread_fun+0x21b/0x610\n[ 19.447814] ? __pfx_cpuhp_thread_fun+0x10/0x10\n[ 19.449354] smpboot_thread_fn+0x2e7/0x6e0\n[ 19.450859] ? __pfx_smpboot_thread_fn+0x10/0x10\n[ 19.452405] kthread+0x29c/0x350\n[ 19.453817] ? __pfx_kthread+0x10/0x10\n[ 19.455253] ret_from_fork+0x31/0x70\n[ 19.456685] ? __pfx_kthread+0x10/0x10\n[ 19.458114] ret_from_fork_asm+0x1a/0x30\n[ 19.459573] </TASK>\n[ 19.460853]\n[ 19.462055] Allocated by task 1198:\n[ 19.463410] kasan_save_stack+0x30/0x50\n[ 19.464788] kasan_save_track+0x14/0x30\n[ 19.466139] __kasan_kmalloc+0xaa/0xb0\n[ 19.467465] __kmalloc+0x1cd/0x470\n[ 19.468748] isst_if_cdev_register+0x1da/0x350 [isst_if_common]\n[ 19.470233] isst_if_mbox_init+0x108/0xff0 [isst_if_mbox_msr]\n[ 19.471670] do_one_initcall+0xa4/0x380\n[ 19.472903] do_init_module+0x238/0x760\n[ 19.474105] load_module+0x5239/0x6f00\n[ 19.475285] init_module_from_file+0xd1/0x130\n[ 19.476506] idempotent_init_module+0x23b/0x650\n[ 19.477725] __x64_sys_finit_module+0xbe/0x130\n[ 19.476506] idempotent_init_module+0x23b/0x650\n[ 19.477725] __x64_sys_finit_module+0xbe/0x130\n[ 19.478920] do_syscall_64+0x82/0x160\n[ 19.480036] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 19.481292]\n[ 19.482205] The buggy address belongs to the object at ffff888829e65000\n which belongs to the cache kmalloc-512 of size 512\n[ 19.484818] The buggy address is located 0 bytes to the right of\n allocated 512-byte region [ffff888829e65000, ffff888829e65200)\n[ 19.487447]\n[ 19.488328] The buggy address belongs to the physical page:\n[ 19.489569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888829e60c00 pfn:0x829e60\n[ 19.491140] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 19.492466] anon flags: 0x57ffffc0000840(slab|head|node=1|zone=2|lastcpupid=0x1fffff)\n[ 19.493914] page_type: 0xffffffff()\n[ 19.494988] raw: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001\n[ 19.496451] raw: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000\n[ 19.497906] head: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001\n[ 19.499379] head: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000\n[ 19.500844] head: 0057ffffc0000003 ffffea0020a79801 ffffea0020a79848 00000000ffffffff\n[ 19.502316] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000\n[ 19.503784] page dumped because: k\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49886", url: "https://www.suse.com/security/cve/CVE-2024-49886", }, { category: "external", summary: "SUSE Bug 1232196 for CVE-2024-49886", url: "https://bugzilla.suse.com/1232196", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49886", }, { cve: "CVE-2024-49887", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49887", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to don't panic system for no free segment fault injection\n\nf2fs: fix to don't panic system for no free segment fault injection\n\nsyzbot reports a f2fs bug as below:\n\nF2FS-fs (loop0): inject no free segment in get_new_segment of __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3167\nF2FS-fs (loop0): Stopped filesystem due to reason: 7\n------------[ cut here ]------------\nkernel BUG at fs/f2fs/segment.c:2748!\nCPU: 0 UID: 0 PID: 5109 Comm: syz-executor304 Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0\nRIP: 0010:get_new_segment fs/f2fs/segment.c:2748 [inline]\nRIP: 0010:new_curseg+0x1f61/0x1f70 fs/f2fs/segment.c:2836\nCall Trace:\n __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3167\n f2fs_allocate_new_section fs/f2fs/segment.c:3181 [inline]\n f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3195\n f2fs_expand_inode_data+0x5d6/0xbb0 fs/f2fs/file.c:1799\n f2fs_fallocate+0x448/0x960 fs/f2fs/file.c:1903\n vfs_fallocate+0x553/0x6c0 fs/open.c:334\n do_vfs_ioctl+0x2592/0x2e50 fs/ioctl.c:886\n __do_sys_ioctl fs/ioctl.c:905 [inline]\n __se_sys_ioctl+0x81/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0010:get_new_segment fs/f2fs/segment.c:2748 [inline]\nRIP: 0010:new_curseg+0x1f61/0x1f70 fs/f2fs/segment.c:2836\n\nThe root cause is when we inject no free segment fault into f2fs,\nwe should not panic system, fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49887", url: "https://www.suse.com/security/cve/CVE-2024-49887", }, { category: "external", summary: "SUSE Bug 1232206 for CVE-2024-49887", url: "https://bugzilla.suse.com/1232206", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49887", }, { cve: "CVE-2024-49888", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49888", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a sdiv overflow issue\n\nZac Ecob reported a problem where a bpf program may cause kernel crash due\nto the following error:\n Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI\n\nThe failure is due to the below signed divide:\n LLONG_MIN/-1 where LLONG_MIN equals to -9,223,372,036,854,775,808.\nLLONG_MIN/-1 is supposed to give a positive number 9,223,372,036,854,775,808,\nbut it is impossible since for 64-bit system, the maximum positive\nnumber is 9,223,372,036,854,775,807. On x86_64, LLONG_MIN/-1 will\ncause a kernel exception. On arm64, the result for LLONG_MIN/-1 is\nLLONG_MIN.\n\nFurther investigation found all the following sdiv/smod cases may trigger\nan exception when bpf program is running on x86_64 platform:\n - LLONG_MIN/-1 for 64bit operation\n - INT_MIN/-1 for 32bit operation\n - LLONG_MIN%-1 for 64bit operation\n - INT_MIN%-1 for 32bit operation\nwhere -1 can be an immediate or in a register.\n\nOn arm64, there are no exceptions:\n - LLONG_MIN/-1 = LLONG_MIN\n - INT_MIN/-1 = INT_MIN\n - LLONG_MIN%-1 = 0\n - INT_MIN%-1 = 0\nwhere -1 can be an immediate or in a register.\n\nInsn patching is needed to handle the above cases and the patched codes\nproduced results aligned with above arm64 result. The below are pseudo\ncodes to handle sdiv/smod exceptions including both divisor -1 and divisor 0\nand the divisor is stored in a register.\n\nsdiv:\n tmp = rX\n tmp += 1 /* [-1, 0] -> [0, 1]\n if tmp >(unsigned) 1 goto L2\n if tmp == 0 goto L1\n rY = 0\n L1:\n rY = -rY;\n goto L3\n L2:\n rY /= rX\n L3:\n\nsmod:\n tmp = rX\n tmp += 1 /* [-1, 0] -> [0, 1]\n if tmp >(unsigned) 1 goto L1\n if tmp == 1 (is64 ? goto L2 : goto L3)\n rY = 0;\n goto L2\n L1:\n rY %= rX\n L2:\n goto L4 // only when !is64\n L3:\n wY = wY // only when !is64\n L4:\n\n [1] https://lore.kernel.org/bpf/tPJLTEh7S_DxFEqAI2Ji5MBSoZVg7_G-Py2iaZpAaWtM961fFTWtsnlzwvTbzBzaUzwQAoNATXKUlt0LZOFgnDcIyKCswAnAGdUF3LBrhGQ=@protonmail.com/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49888", url: "https://www.suse.com/security/cve/CVE-2024-49888", }, { category: "external", summary: "SUSE Bug 1232208 for CVE-2024-49888", url: "https://bugzilla.suse.com/1232208", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49888", }, { cve: "CVE-2024-49889", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49889", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid use-after-free in ext4_ext_show_leaf()\n\nIn ext4_find_extent(), path may be freed by error or be reallocated, so\nusing a previously saved *ppath may have been freed and thus may trigger\nuse-after-free, as follows:\n\next4_split_extent\n path = *ppath;\n ext4_split_extent_at(ppath)\n path = ext4_find_extent(ppath)\n ext4_split_extent_at(ppath)\n // ext4_find_extent fails to free path\n // but zeroout succeeds\n ext4_ext_show_leaf(inode, path)\n eh = path[depth].p_hdr\n // path use-after-free !!!\n\nSimilar to ext4_split_extent_at(), we use *ppath directly as an input to\next4_ext_show_leaf(). Fix a spelling error by the way.\n\nSame problem in ext4_ext_handle_unwritten_extents(). Since 'path' is only\nused in ext4_ext_show_leaf(), remove 'path' and use *ppath directly.\n\nThis issue is triggered only when EXT_DEBUG is defined and therefore does\nnot affect functionality.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49889", url: "https://www.suse.com/security/cve/CVE-2024-49889", }, { category: "external", summary: "SUSE Bug 1232215 for CVE-2024-49889", url: "https://bugzilla.suse.com/1232215", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49889", }, { cve: "CVE-2024-49890", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49890", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: ensure the fw_info is not null before using it\n\nThis resolves the dereference null return value warning\nreported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49890", url: "https://www.suse.com/security/cve/CVE-2024-49890", }, { category: "external", summary: "SUSE Bug 1232217 for CVE-2024-49890", url: "https://bugzilla.suse.com/1232217", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49890", }, { cve: "CVE-2024-49891", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49891", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths\n\nWhen the HBA is undergoing a reset or is handling an errata event, NULL ptr\ndereference crashes may occur in routines such as\nlpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk(), or\nlpfc_abort_handler().\n\nAdd NULL ptr checks before dereferencing hdwq pointers that may have been\nfreed due to operations colliding with a reset or errata event handler.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49891", url: "https://www.suse.com/security/cve/CVE-2024-49891", }, { category: "external", summary: "SUSE Bug 1232218 for CVE-2024-49891", url: "https://bugzilla.suse.com/1232218", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49891", }, { cve: "CVE-2024-49892", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49892", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Initialize get_bytes_per_element's default to 1\n\nVariables, used as denominators and maybe not assigned to other values,\nshould not be 0. bytes_per_element_y & bytes_per_element_c are\ninitialized by get_bytes_per_element() which should never return 0.\n\nThis fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49892", url: "https://www.suse.com/security/cve/CVE-2024-49892", }, { category: "external", summary: "SUSE Bug 1232220 for CVE-2024-49892", url: "https://bugzilla.suse.com/1232220", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49892", }, { cve: "CVE-2024-49893", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49893", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check stream_status before it is used\n\n[WHAT & HOW]\ndc_state_get_stream_status can return null, and therefore null must be\nchecked before stream_status is used.\n\nThis fixes 1 NULL_RETURNS issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49893", url: "https://www.suse.com/security/cve/CVE-2024-49893", }, { category: "external", summary: "SUSE Bug 1232350 for CVE-2024-49893", url: "https://bugzilla.suse.com/1232350", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49893", }, { cve: "CVE-2024-49894", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49894", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\n\nFixes index out of bounds issue in\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\ncould occur when the index 'i' exceeds the number of transfer function\npoints (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49894", url: "https://www.suse.com/security/cve/CVE-2024-49894", }, { category: "external", summary: "SUSE Bug 1232354 for CVE-2024-49894", url: "https://bugzilla.suse.com/1232354", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49894", }, { cve: "CVE-2024-49895", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49895", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation\n\nThis commit addresses a potential index out of bounds issue in the\n`cm3_helper_translate_curve_to_degamma_hw_format` function in the DCN30\ncolor management module. The issue could occur when the index 'i'\nexceeds the number of transfer function points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds, the function returns\nfalse to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:338 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:339 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:340 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49895", url: "https://www.suse.com/security/cve/CVE-2024-49895", }, { category: "external", summary: "SUSE Bug 1232352 for CVE-2024-49895", url: "https://bugzilla.suse.com/1232352", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-49895", }, { cve: "CVE-2024-49896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49896", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check stream before comparing them\n\n[WHAT & HOW]\namdgpu_dm can pass a null stream to dc_is_stream_unchanged. It is\nnecessary to check for null before dereferencing them.\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49896", url: "https://www.suse.com/security/cve/CVE-2024-49896", }, { category: "external", summary: "SUSE Bug 1232221 for CVE-2024-49896", url: "https://bugzilla.suse.com/1232221", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49896", }, { cve: "CVE-2024-49897", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49897", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check phantom_stream before it is used\n\ndcn32_enable_phantom_stream can return null, so returned value\nmust be checked before used.\n\nThis fixes 1 NULL_RETURNS issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49897", url: "https://www.suse.com/security/cve/CVE-2024-49897", }, { category: "external", summary: "SUSE Bug 1232355 for CVE-2024-49897", url: "https://bugzilla.suse.com/1232355", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49897", }, { cve: "CVE-2024-49898", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49898", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null-initialized variables\n\n[WHAT & HOW]\ndrr_timing and subvp_pipe are initialized to null and they are not\nalways assigned new values. It is necessary to check for null before\ndereferencing.\n\nThis fixes 2 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49898", url: "https://www.suse.com/security/cve/CVE-2024-49898", }, { category: "external", summary: "SUSE Bug 1232222 for CVE-2024-49898", url: "https://bugzilla.suse.com/1232222", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49898", }, { cve: "CVE-2024-49899", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49899", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Initialize denominators' default to 1\n\n[WHAT & HOW]\nVariables used as denominators and maybe not assigned to other values,\nshould not be 0. Change their default to 1 so they are never 0.\n\nThis fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49899", url: "https://www.suse.com/security/cve/CVE-2024-49899", }, { category: "external", summary: "SUSE Bug 1232358 for CVE-2024-49899", url: "https://bugzilla.suse.com/1232358", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49899", }, { cve: "CVE-2024-49900", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49900", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uninit-value access of new_ea in ea_buffer\n\nsyzbot reports that lzo1x_1_do_compress is using uninit-value:\n\n=====================================================\nBUG: KMSAN: uninit-value in lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178\n\n...\n\nUninit was stored to memory at:\n ea_put fs/jfs/xattr.c:639 [inline]\n\n...\n\nLocal variable ea_buf created at:\n __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662\n __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934\n\n=====================================================\n\nThe reason is ea_buf->new_ea is not initialized properly.\n\nFix this by using memset to empty its content at the beginning\nin ea_get().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49900", url: "https://www.suse.com/security/cve/CVE-2024-49900", }, { category: "external", summary: "SUSE Bug 1232359 for CVE-2024-49900", url: "https://bugzilla.suse.com/1232359", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49900", }, { cve: "CVE-2024-49901", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49901", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs\n\nThere are some cases, such as the one uncovered by Commit 46d4efcccc68\n(\"drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails\")\nwhere\n\nmsm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL);\n\nis called on gpu->pdev == NULL, as the GPU device has not been fully\ninitialized yet.\n\nTurns out that there's more than just the aforementioned path that\ncauses this to happen (e.g. the case when there's speedbin data in the\ncatalog, but opp-supported-hw is missing in DT).\n\nAssigning msm_gpu->pdev earlier seems like the least painful solution\nto this, therefore do so.\n\nPatchwork: https://patchwork.freedesktop.org/patch/602742/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49901", url: "https://www.suse.com/security/cve/CVE-2024-49901", }, { category: "external", summary: "SUSE Bug 1232305 for CVE-2024-49901", url: "https://bugzilla.suse.com/1232305", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49901", }, { cve: "CVE-2024-49902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49902", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: check if leafidx greater than num leaves per dmap tree\n\nsyzbot report a out of bounds in dbSplit, it because dmt_leafidx greater\nthan num leaves per dmap tree, add a checking for dmt_leafidx in dbFindLeaf.\n\nShaggy:\nModified sanity check to apply to control pages as well as leaf pages.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49902", url: "https://www.suse.com/security/cve/CVE-2024-49902", }, { category: "external", summary: "SUSE Bug 1232378 for CVE-2024-49902", url: "https://bugzilla.suse.com/1232378", }, { category: "external", summary: "SUSE Bug 1232379 for CVE-2024-49902", url: "https://bugzilla.suse.com/1232379", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49902", }, { cve: "CVE-2024-49903", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49903", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix uaf in dbFreeBits\n\n[syzbot reported]\n==================================================================\nBUG: KASAN: slab-use-after-free in __mutex_lock_common kernel/locking/mutex.c:587 [inline]\nBUG: KASAN: slab-use-after-free in __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\nRead of size 8 at addr ffff8880229254b0 by task syz-executor357/5216\n\nCPU: 0 UID: 0 PID: 5216 Comm: syz-executor357 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n __mutex_lock_common kernel/locking/mutex.c:587 [inline]\n __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\n dbFreeBits+0x7ea/0xd90 fs/jfs/jfs_dmap.c:2390\n dbFreeDmap fs/jfs/jfs_dmap.c:2089 [inline]\n dbFree+0x35b/0x680 fs/jfs/jfs_dmap.c:409\n dbDiscardAG+0x8a9/0xa20 fs/jfs/jfs_dmap.c:1650\n jfs_ioc_trim+0x433/0x670 fs/jfs/jfs_discard.c:100\n jfs_ioctl+0x2d0/0x3e0 fs/jfs/ioctl.c:131\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n\nFreed by task 5218:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\n poison_slab_object+0xe0/0x150 mm/kasan/common.c:240\n __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2252 [inline]\n slab_free mm/slub.c:4473 [inline]\n kfree+0x149/0x360 mm/slub.c:4594\n dbUnmount+0x11d/0x190 fs/jfs/jfs_dmap.c:278\n jfs_mount_rw+0x4ac/0x6a0 fs/jfs/jfs_mount.c:247\n jfs_remount+0x3d1/0x6b0 fs/jfs/super.c:454\n reconfigure_super+0x445/0x880 fs/super.c:1083\n vfs_cmd_reconfigure fs/fsopen.c:263 [inline]\n vfs_fsconfig_locked fs/fsopen.c:292 [inline]\n __do_sys_fsconfig fs/fsopen.c:473 [inline]\n __se_sys_fsconfig+0xb6e/0xf80 fs/fsopen.c:345\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[Analysis]\nThere are two paths (dbUnmount and jfs_ioc_trim) that generate race\ncondition when accessing bmap, which leads to the occurrence of uaf.\n\nUse the lock s_umount to synchronize them, in order to avoid uaf caused\nby race condition.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49903", url: "https://www.suse.com/security/cve/CVE-2024-49903", }, { category: "external", summary: "SUSE Bug 1232362 for CVE-2024-49903", url: "https://bugzilla.suse.com/1232362", }, { category: "external", summary: "SUSE Bug 1233020 for CVE-2024-49903", url: "https://bugzilla.suse.com/1233020", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49903", }, { cve: "CVE-2024-49904", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49904", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: add list empty check to avoid null pointer issue\n\nAdd list empty check to avoid null pointer issues in some corner cases.\n- list_for_each_entry_safe()", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49904", url: "https://www.suse.com/security/cve/CVE-2024-49904", }, { category: "external", summary: "SUSE Bug 1232356 for CVE-2024-49904", url: "https://bugzilla.suse.com/1232356", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49904", }, { cve: "CVE-2024-49905", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49905", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2)\n\nThis commit adds a null check for the 'afb' variable in the\namdgpu_dm_plane_handle_cursor_update function. Previously, 'afb' was\nassumed to be null, but was used later in the code without a null check.\nThis could potentially lead to a null pointer dereference.\n\nChanges since v1:\n- Moved the null check for 'afb' to the line where 'afb' is used. (Alex)\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_plane.c:1298 amdgpu_dm_plane_handle_cursor_update() error: we previously assumed 'afb' could be null (see line 1252)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49905", url: "https://www.suse.com/security/cve/CVE-2024-49905", }, { category: "external", summary: "SUSE Bug 1232357 for CVE-2024-49905", url: "https://bugzilla.suse.com/1232357", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49905", }, { cve: "CVE-2024-49906", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49906", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointer before try to access it\n\n[why & how]\nChange the order of the pipe_ctx->plane_state check to ensure that\nplane_state is not null before accessing it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49906", url: "https://www.suse.com/security/cve/CVE-2024-49906", }, { category: "external", summary: "SUSE Bug 1232332 for CVE-2024-49906", url: "https://bugzilla.suse.com/1232332", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49906", }, { cve: "CVE-2024-49907", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49907", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before using dc->clk_mgr\n\n[WHY & HOW]\ndc->clk_mgr is null checked previously in the same function, indicating\nit might be null.\n\nPassing \"dc\" to \"dc->hwss.apply_idle_power_optimizations\", which\ndereferences null \"dc->clk_mgr\". (The function pointer resolves to\n\"dcn35_apply_idle_power_optimizations\".)\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49907", url: "https://www.suse.com/security/cve/CVE-2024-49907", }, { category: "external", summary: "SUSE Bug 1232334 for CVE-2024-49907", url: "https://bugzilla.suse.com/1232334", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49907", }, { cve: "CVE-2024-49908", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49908", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2)\n\nThis commit adds a null check for the 'afb' variable in the\namdgpu_dm_update_cursor function. Previously, 'afb' was assumed to be\nnull at line 8388, but was used later in the code without a null check.\nThis could potentially lead to a null pointer dereference.\n\nChanges since v1:\n- Moved the null check for 'afb' to the line where 'afb' is used. (Alex)\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:8433 amdgpu_dm_update_cursor()\n\terror: we previously assumed 'afb' could be null (see line 8388)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49908", url: "https://www.suse.com/security/cve/CVE-2024-49908", }, { category: "external", summary: "SUSE Bug 1232335 for CVE-2024-49908", url: "https://bugzilla.suse.com/1232335", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49908", }, { cve: "CVE-2024-49909", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49909", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn32_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for null, but then it was being\ndereferenced without any null check. This could lead to a null pointer\ndereference if set_output_gamma is null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a null check for set_output_gamma\nbefore the call to set_output_gamma.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49909", url: "https://www.suse.com/security/cve/CVE-2024-49909", }, { category: "external", summary: "SUSE Bug 1232337 for CVE-2024-49909", url: "https://bugzilla.suse.com/1232337", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49909", }, { cve: "CVE-2024-49910", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49910", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for function pointer in dcn401_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn401_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for null, but then it was being\ndereferenced without any null check. This could lead to a null pointer\ndereference if set_output_gamma is null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a null check for set_output_gamma\nbefore the call to set_output_gamma.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49910", url: "https://www.suse.com/security/cve/CVE-2024-49910", }, { category: "external", summary: "SUSE Bug 1232365 for CVE-2024-49910", url: "https://bugzilla.suse.com/1232365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49910", }, { cve: "CVE-2024-49911", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49911", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func\n\nThis commit adds a null check for the set_output_gamma function pointer\nin the dcn20_set_output_transfer_func function. Previously,\nset_output_gamma was being checked for null at line 1030, but then it\nwas being dereferenced without any null check at line 1048. This could\npotentially lead to a null pointer dereference error if set_output_gamma\nis null.\n\nTo fix this, we now ensure that set_output_gamma is not null before\ndereferencing it. We do this by adding a null check for set_output_gamma\nbefore the call to set_output_gamma at line 1048.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49911", url: "https://www.suse.com/security/cve/CVE-2024-49911", }, { category: "external", summary: "SUSE Bug 1232366 for CVE-2024-49911", url: "https://bugzilla.suse.com/1232366", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49911", }, { cve: "CVE-2024-49912", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49912", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream'\n\nThis commit adds a null check for 'stream_status' in the function\n'planes_changed_for_existing_stream'. Previously, the code assumed\n'stream_status' could be null, but did not handle the case where it was\nactually null. This could lead to a null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/core/dc_resource.c:3784 planes_changed_for_existing_stream() error: we previously assumed 'stream_status' could be null (see line 3774)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49912", url: "https://www.suse.com/security/cve/CVE-2024-49912", }, { category: "external", summary: "SUSE Bug 1232367 for CVE-2024-49912", url: "https://bugzilla.suse.com/1232367", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49912", }, { cve: "CVE-2024-49913", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49913", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream\n\nThis commit addresses a null pointer dereference issue in the\n`commit_planes_for_stream` function at line 4140. The issue could occur\nwhen `top_pipe_to_program` is null.\n\nThe fix adds a check to ensure `top_pipe_to_program` is not null before\naccessing its stream_res. This prevents a null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/core/dc.c:4140 commit_planes_for_stream() error: we previously assumed 'top_pipe_to_program' could be null (see line 3906)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49913", url: "https://www.suse.com/security/cve/CVE-2024-49913", }, { category: "external", summary: "SUSE Bug 1232307 for CVE-2024-49913", url: "https://bugzilla.suse.com/1232307", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49913", }, { cve: "CVE-2024-49914", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49914", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe\n\nThis commit addresses a null pointer dereference issue in the\n`dcn20_program_pipe` function. The issue could occur when\n`pipe_ctx->plane_state` is null.\n\nThe fix adds a check to ensure `pipe_ctx->plane_state` is not null\nbefore accessing. This prevents a null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn20/dcn20_hwseq.c:1925 dcn20_program_pipe() error: we previously assumed 'pipe_ctx->plane_state' could be null (see line 1877)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49914", url: "https://www.suse.com/security/cve/CVE-2024-49914", }, { category: "external", summary: "SUSE Bug 1232369 for CVE-2024-49914", url: "https://bugzilla.suse.com/1232369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49914", }, { cve: "CVE-2024-49915", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49915", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn32_init_hw` function. The issue could occur when `dc->clk_mgr` is\nnull.\n\nThe fix adds a check to ensure `dc->clk_mgr` is not null before\naccessing its functions. This prevents a potential null pointer\ndereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn32/dcn32_hwseq.c:961 dcn32_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 782)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49915", url: "https://www.suse.com/security/cve/CVE-2024-49915", }, { category: "external", summary: "SUSE Bug 1231963 for CVE-2024-49915", url: "https://bugzilla.suse.com/1231963", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49915", }, { cve: "CVE-2024-49916", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49916", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn401_init_hw` function. The issue could occur when `dc->clk_mgr` or\n`dc->clk_mgr->funcs` is null.\n\nThe fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is\nnot null before accessing its functions. This prevents a potential null\npointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn401/dcn401_hwseq.c:416 dcn401_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 225)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49916", url: "https://www.suse.com/security/cve/CVE-2024-49916", }, { category: "external", summary: "SUSE Bug 1231964 for CVE-2024-49916", url: "https://bugzilla.suse.com/1231964", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49916", }, { cve: "CVE-2024-49917", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49917", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn30_init_hw` function. The issue could occur when `dc->clk_mgr` or\n`dc->clk_mgr->funcs` is null.\n\nThe fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is\nnot null before accessing its functions. This prevents a potential null\npointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:789 dcn30_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 628)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49917", url: "https://www.suse.com/security/cve/CVE-2024-49917", }, { category: "external", summary: "SUSE Bug 1231965 for CVE-2024-49917", url: "https://bugzilla.suse.com/1231965", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49917", }, { cve: "CVE-2024-49918", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49918", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn32_acquire_idle_pipe_for_head_pipe_in_layer` function. The issue\ncould occur when `head_pipe` is null.\n\nThe fix adds a check to ensure `head_pipe` is not null before asserting\nit. If `head_pipe` is null, the function returns NULL to prevent a\npotential null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn32/dcn32_resource.c:2690 dcn32_acquire_idle_pipe_for_head_pipe_in_layer() error: we previously assumed 'head_pipe' could be null (see line 2681)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49918", url: "https://www.suse.com/security/cve/CVE-2024-49918", }, { category: "external", summary: "SUSE Bug 1231967 for CVE-2024-49918", url: "https://bugzilla.suse.com/1231967", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49918", }, { cve: "CVE-2024-49919", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49919", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer\n\nThis commit addresses a potential null pointer dereference issue in the\n`dcn201_acquire_free_pipe_for_layer` function. The issue could occur\nwhen `head_pipe` is null.\n\nThe fix adds a check to ensure `head_pipe` is not null before asserting\nit. If `head_pipe` is null, the function returns NULL to prevent a\npotential null pointer dereference.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn201/dcn201_resource.c:1016 dcn201_acquire_free_pipe_for_layer() error: we previously assumed 'head_pipe' could be null (see line 1010)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49919", url: "https://www.suse.com/security/cve/CVE-2024-49919", }, { category: "external", summary: "SUSE Bug 1231968 for CVE-2024-49919", url: "https://bugzilla.suse.com/1231968", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49919", }, { cve: "CVE-2024-49920", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49920", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before multiple uses\n\n[WHAT & HOW]\nPoniters, such as stream_enc and dc->bw_vbios, are null checked previously\nin the same function, so Coverity warns \"implies that stream_enc and\ndc->bw_vbios might be null\". They are used multiple times in the\nsubsequent code and need to be checked.\n\nThis fixes 10 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49920", url: "https://www.suse.com/security/cve/CVE-2024-49920", }, { category: "external", summary: "SUSE Bug 1232313 for CVE-2024-49920", url: "https://bugzilla.suse.com/1232313", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49920", }, { cve: "CVE-2024-49921", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49921", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before used\n\n[WHAT & HOW]\nPoniters, such as dc->clk_mgr, are null checked previously in the same\nfunction, so Coverity warns \"implies that \"dc->clk_mgr\" might be null\".\nAs a result, these pointers need to be checked when used again.\n\nThis fixes 10 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49921", url: "https://www.suse.com/security/cve/CVE-2024-49921", }, { category: "external", summary: "SUSE Bug 1232371 for CVE-2024-49921", url: "https://bugzilla.suse.com/1232371", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49921", }, { cve: "CVE-2024-49922", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49922", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before using them\n\n[WHAT & HOW]\nThese pointers are null checked previously in the same function,\nindicating they might be null as reported by Coverity. As a result,\nthey need to be checked when used again.\n\nThis fixes 3 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49922", url: "https://www.suse.com/security/cve/CVE-2024-49922", }, { category: "external", summary: "SUSE Bug 1232374 for CVE-2024-49922", url: "https://bugzilla.suse.com/1232374", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49922", }, { cve: "CVE-2024-49923", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49923", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags\n\n[WHAT & HOW]\n\"dcn20_validate_apply_pipe_split_flags\" dereferences merge, and thus it\ncannot be a null pointer. Let's pass a valid pointer to avoid null\ndereference.\n\nThis fixes 2 FORWARD_NULL issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49923", url: "https://www.suse.com/security/cve/CVE-2024-49923", }, { category: "external", summary: "SUSE Bug 1232361 for CVE-2024-49923", url: "https://bugzilla.suse.com/1232361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49923", }, { cve: "CVE-2024-49924", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49924", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which &fbi->task is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the &pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi->fb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi->fb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi->lcd_power(on, &fbi->fb.var)\n | //use fbi->fb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49924", url: "https://www.suse.com/security/cve/CVE-2024-49924", }, { category: "external", summary: "SUSE Bug 1232364 for CVE-2024-49924", url: "https://bugzilla.suse.com/1232364", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49924", }, { cve: "CVE-2024-49925", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49925", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: efifb: Register sysfs groups through driver core\n\nThe driver core can register and cleanup sysfs groups already.\nMake use of that functionality to simplify the error handling and\ncleanup.\n\nAlso avoid a UAF race during unregistering where the sysctl attributes\nwere usable after the info struct was freed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49925", url: "https://www.suse.com/security/cve/CVE-2024-49925", }, { category: "external", summary: "SUSE Bug 1232224 for CVE-2024-49925", url: "https://bugzilla.suse.com/1232224", }, { category: "external", summary: "SUSE Bug 1232225 for CVE-2024-49925", url: "https://bugzilla.suse.com/1232225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49925", }, { cve: "CVE-2024-49926", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49926", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()\n\nFor kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is\ndefined as NR_CPUS instead of the number of possible cpus, this\nwill cause the following system panic:\n\nsmpboot: Allowing 4 CPUs, 0 hotplug CPUs\n...\nsetup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:512 nr_node_ids:1\n...\nBUG: unable to handle page fault for address: ffffffff9911c8c8\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 0 PID: 15 Comm: rcu_tasks_trace Tainted: G W\n6.6.21 #1 5dc7acf91a5e8e9ac9dcfc35bee0245691283ea6\nRIP: 0010:rcu_tasks_need_gpcb+0x25d/0x2c0\nRSP: 0018:ffffa371c00a3e60 EFLAGS: 00010082\nCR2: ffffffff9911c8c8 CR3: 000000040fa20005 CR4: 00000000001706f0\nCall Trace:\n<TASK>\n? __die+0x23/0x80\n? page_fault_oops+0xa4/0x180\n? exc_page_fault+0x152/0x180\n? asm_exc_page_fault+0x26/0x40\n? rcu_tasks_need_gpcb+0x25d/0x2c0\n? __pfx_rcu_tasks_kthread+0x40/0x40\nrcu_tasks_one_gp+0x69/0x180\nrcu_tasks_kthread+0x94/0xc0\nkthread+0xe8/0x140\n? __pfx_kthread+0x40/0x40\nret_from_fork+0x34/0x80\n? __pfx_kthread+0x40/0x40\nret_from_fork_asm+0x1b/0x80\n</TASK>\n\nConsidering that there may be holes in the CPU numbers, use the\nmaximum possible cpu number, instead of nr_cpu_ids, for configuring\nenqueue and dequeue limits.\n\n[ neeraj.upadhyay: Fix htmldocs build error reported by Stephen Rothwell ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49926", url: "https://www.suse.com/security/cve/CVE-2024-49926", }, { category: "external", summary: "SUSE Bug 1232247 for CVE-2024-49926", url: "https://bugzilla.suse.com/1232247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49926", }, { cve: "CVE-2024-49927", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49927", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/ioapic: Handle allocation failures gracefully\n\nBreno observed panics when using failslab under certain conditions during\nruntime:\n\n can not alloc irq_pin_list (-1,0,20)\n Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can not proceed\n\n panic+0x4e9/0x590\n mp_irqdomain_alloc+0x9ab/0xa80\n irq_domain_alloc_irqs_locked+0x25d/0x8d0\n __irq_domain_alloc_irqs+0x80/0x110\n mp_map_pin_to_irq+0x645/0x890\n acpi_register_gsi_ioapic+0xe6/0x150\n hpet_open+0x313/0x480\n\nThat's a pointless panic which is a leftover of the historic IO/APIC code\nwhich panic'ed during early boot when the interrupt allocation failed.\n\nThe only place which might justify panic is the PIT/HPET timer_check() code\nwhich tries to figure out whether the timer interrupt is delivered through\nthe IO/APIC. But that code does not require to handle interrupt allocation\nfailures. If the interrupt cannot be allocated then timer delivery fails\nand it either panics due to that or falls back to legacy mode.\n\nCure this by removing the panic wrapper around __add_pin_to_irq_node() and\nmaking mp_irqdomain_alloc() aware of the failure condition and handle it as\nany other failure in this function gracefully.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49927", url: "https://www.suse.com/security/cve/CVE-2024-49927", }, { category: "external", summary: "SUSE Bug 1232249 for CVE-2024-49927", url: "https://bugzilla.suse.com/1232249", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49927", }, { cve: "CVE-2024-49928", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49928", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid reading out of bounds when loading TX power FW elements\n\nBecause the loop-expression will do one more time before getting false from\ncond-expression, the original code copied one more entry size beyond valid\nregion.\n\nFix it by moving the entry copy to loop-body.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49928", url: "https://www.suse.com/security/cve/CVE-2024-49928", }, { category: "external", summary: "SUSE Bug 1232250 for CVE-2024-49928", url: "https://bugzilla.suse.com/1232250", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49928", }, { cve: "CVE-2024-49929", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49929", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: avoid NULL pointer dereference\n\niwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta\npointer is not NULL.\nIt retrieves this pointer using iwl_mvm_sta_from_mac80211, which is\ndereferencing the ieee80211_sta pointer.\nIf sta is NULL, iwl_mvm_sta_from_mac80211 will dereference a NULL\npointer.\nFix this by checking the sta pointer before retrieving the mvmsta\nfrom it. If sta is not NULL, then mvmsta isn't either.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49929", url: "https://www.suse.com/security/cve/CVE-2024-49929", }, { category: "external", summary: "SUSE Bug 1232253 for CVE-2024-49929", url: "https://bugzilla.suse.com/1232253", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49929", }, { cve: "CVE-2024-49930", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49930", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix array out-of-bound access in SoC stats\n\nCurrently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a\nmaximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx()\nfunction access ath11k_soc_dp_stats::hal_reo_error using the REO\ndestination SRNG ring ID, which is incorrect. SRNG ring ID differ from\nnormal ring ID, and this usage leads to out-of-bounds array access. To fix\nthis issue, modify ath11k_dp_process_rx() to use the normal ring ID\ndirectly instead of the SRNG ring ID to avoid out-of-bounds array access.\n\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49930", url: "https://www.suse.com/security/cve/CVE-2024-49930", }, { category: "external", summary: "SUSE Bug 1232260 for CVE-2024-49930", url: "https://bugzilla.suse.com/1232260", }, { category: "external", summary: "SUSE Bug 1232261 for CVE-2024-49930", url: "https://bugzilla.suse.com/1232261", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49930", }, { cve: "CVE-2024-49931", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49931", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix array out-of-bound access in SoC stats\n\nCurrently, the ath12k_soc_dp_stats::hal_reo_error array is defined with a\nmaximum size of DP_REO_DST_RING_MAX. However, the ath12k_dp_rx_process()\nfunction access ath12k_soc_dp_stats::hal_reo_error using the REO\ndestination SRNG ring ID, which is incorrect. SRNG ring ID differ from\nnormal ring ID, and this usage leads to out-of-bounds array access. To\nfix this issue, modify ath12k_dp_rx_process() to use the normal ring ID\ndirectly instead of the SRNG ring ID to avoid out-of-bounds array access.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49931", url: "https://www.suse.com/security/cve/CVE-2024-49931", }, { category: "external", summary: "SUSE Bug 1232275 for CVE-2024-49931", url: "https://bugzilla.suse.com/1232275", }, { category: "external", summary: "SUSE Bug 1232277 for CVE-2024-49931", url: "https://bugzilla.suse.com/1232277", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49931", }, { cve: "CVE-2024-49932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49932", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don't readahead the relocation inode on RST\n\nOn relocation we're doing readahead on the relocation inode, but if the\nfilesystem is backed by a RAID stripe tree we can get ENOENT (e.g. due to\npreallocated extents not being mapped in the RST) from the lookup.\n\nBut readahead doesn't handle the error and submits invalid reads to the\ndevice, causing an assertion in the scatter-gather list code:\n\n BTRFS info (device nvme1n1): balance: start -d -m -s\n BTRFS info (device nvme1n1): relocating block group 6480920576 flags data|raid0\n BTRFS error (device nvme1n1): cannot find raid-stripe for logical [6481928192, 6481969152] devid 2, profile raid0\n ------------[ cut here ]------------\n kernel BUG at include/linux/scatterlist.h:115!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 PID: 1012 Comm: btrfs Not tainted 6.10.0-rc7+ #567\n RIP: 0010:__blk_rq_map_sg+0x339/0x4a0\n RSP: 0018:ffffc90001a43820 EFLAGS: 00010202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00045d4802\n RDX: 0000000117520000 RSI: 0000000000000000 RDI: ffff8881027d1000\n RBP: 0000000000003000 R08: ffffea00045d4902 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000001000 R12: ffff8881003d10b8\n R13: ffffc90001a438f0 R14: 0000000000000000 R15: 0000000000003000\n FS: 00007fcc048a6900(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000002cd11000 CR3: 00000001109ea001 CR4: 0000000000370eb0\n Call Trace:\n <TASK>\n ? __die_body.cold+0x14/0x25\n ? die+0x2e/0x50\n ? do_trap+0xca/0x110\n ? do_error_trap+0x65/0x80\n ? __blk_rq_map_sg+0x339/0x4a0\n ? exc_invalid_op+0x50/0x70\n ? __blk_rq_map_sg+0x339/0x4a0\n ? asm_exc_invalid_op+0x1a/0x20\n ? __blk_rq_map_sg+0x339/0x4a0\n nvme_prep_rq.part.0+0x9d/0x770\n nvme_queue_rq+0x7d/0x1e0\n __blk_mq_issue_directly+0x2a/0x90\n ? blk_mq_get_budget_and_tag+0x61/0x90\n blk_mq_try_issue_list_directly+0x56/0xf0\n blk_mq_flush_plug_list.part.0+0x52b/0x5d0\n __blk_flush_plug+0xc6/0x110\n blk_finish_plug+0x28/0x40\n read_pages+0x160/0x1c0\n page_cache_ra_unbounded+0x109/0x180\n relocate_file_extent_cluster+0x611/0x6a0\n ? btrfs_search_slot+0xba4/0xd20\n ? balance_dirty_pages_ratelimited_flags+0x26/0xb00\n relocate_data_extent.constprop.0+0x134/0x160\n relocate_block_group+0x3f2/0x500\n btrfs_relocate_block_group+0x250/0x430\n btrfs_relocate_chunk+0x3f/0x130\n btrfs_balance+0x71b/0xef0\n ? kmalloc_trace_noprof+0x13b/0x280\n btrfs_ioctl+0x2c2e/0x3030\n ? kvfree_call_rcu+0x1e6/0x340\n ? list_lru_add_obj+0x66/0x80\n ? mntput_no_expire+0x3a/0x220\n __x64_sys_ioctl+0x96/0xc0\n do_syscall_64+0x54/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7fcc04514f9b\n Code: Unable to access opcode bytes at 0x7fcc04514f71.\n RSP: 002b:00007ffeba923370 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fcc04514f9b\n RDX: 00007ffeba923460 RSI: 00000000c4009420 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000013 R09: 0000000000000001\n R10: 00007fcc043fbba8 R11: 0000000000000246 R12: 00007ffeba924fc5\n R13: 00007ffeba923460 R14: 0000000000000002 R15: 00000000004d4bb0\n </TASK>\n Modules linked in:\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:__blk_rq_map_sg+0x339/0x4a0\n RSP: 0018:ffffc90001a43820 EFLAGS: 00010202\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00045d4802\n RDX: 0000000117520000 RSI: 0000000000000000 RDI: ffff8881027d1000\n RBP: 0000000000003000 R08: ffffea00045d4902 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000001000 R12: ffff8881003d10b8\n R13: ffffc90001a438f0 R14: 0000000000000000 R15: 0000000000003000\n FS: 00007fcc048a6900(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fcc04514f71 CR3: 00000001109ea001 CR4: 0000000000370eb0\n Kernel p\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49932", url: "https://www.suse.com/security/cve/CVE-2024-49932", }, { category: "external", summary: "SUSE Bug 1232376 for CVE-2024-49932", url: "https://bugzilla.suse.com/1232376", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49932", }, { cve: "CVE-2024-49933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49933", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblk_iocost: fix more out of bound shifts\n\nRecently running UBSAN caught few out of bound shifts in the\nioc_forgive_debts() function:\n\nUBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38\nshift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long\nlong')\n...\nUBSAN: shift-out-of-bounds in block/blk-iocost.c:2144:30\nshift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long\nlong')\n...\nCall Trace:\n<IRQ>\ndump_stack_lvl+0xca/0x130\n__ubsan_handle_shift_out_of_bounds+0x22c/0x280\n? __lock_acquire+0x6441/0x7c10\nioc_timer_fn+0x6cec/0x7750\n? blk_iocost_init+0x720/0x720\n? call_timer_fn+0x5d/0x470\ncall_timer_fn+0xfa/0x470\n? blk_iocost_init+0x720/0x720\n__run_timer_base+0x519/0x700\n...\n\nActual impact of this issue was not identified but I propose to fix the\nundefined behaviour.\nThe proposed fix to prevent those out of bound shifts consist of\nprecalculating exponent before using it the shift operations by taking\nmin value from the actual exponent and maximum possible number of bits.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49933", url: "https://www.suse.com/security/cve/CVE-2024-49933", }, { category: "external", summary: "SUSE Bug 1232368 for CVE-2024-49933", url: "https://bugzilla.suse.com/1232368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49933", }, { cve: "CVE-2024-49934", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49934", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name\n\nIt's observed that a crash occurs during hot-remove a memory device,\nin which user is accessing the hugetlb. See calltrace as following:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 14045 at arch/x86/mm/fault.c:1278 do_user_addr_fault+0x2a0/0x790\nModules linked in: kmem device_dax cxl_mem cxl_pmem cxl_port cxl_pci dax_hmem dax_pmem nd_pmem cxl_acpi nd_btt cxl_core crc32c_intel nvme virtiofs fuse nvme_core nfit libnvdimm dm_multipath scsi_dh_rdac scsi_dh_emc s\nmirror dm_region_hash dm_log dm_mod\nCPU: 1 PID: 14045 Comm: daxctl Not tainted 6.10.0-rc2-lizhijian+ #492\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:do_user_addr_fault+0x2a0/0x790\nCode: 48 8b 00 a8 04 0f 84 b5 fe ff ff e9 1c ff ff ff 4c 89 e9 4c 89 e2 be 01 00 00 00 bf 02 00 00 00 e8 b5 ef 24 00 e9 42 fe ff ff <0f> 0b 48 83 c4 08 4c 89 ea 48 89 ee 4c 89 e7 5b 5d 41 5c 41 5d 41\nRSP: 0000:ffffc90000a575f0 EFLAGS: 00010046\nRAX: ffff88800c303600 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000001000 RSI: ffffffff82504162 RDI: ffffffff824b2c36\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffc90000a57658\nR13: 0000000000001000 R14: ffff88800bc2e040 R15: 0000000000000000\nFS: 00007f51cb57d880(0000) GS:ffff88807fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000001000 CR3: 00000000072e2004 CR4: 00000000001706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n ? __warn+0x8d/0x190\n ? do_user_addr_fault+0x2a0/0x790\n ? report_bug+0x1c3/0x1d0\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? do_user_addr_fault+0x2a0/0x790\n ? exc_page_fault+0x31/0x200\n exc_page_fault+0x68/0x200\n<...snip...>\nBUG: unable to handle page fault for address: 0000000000001000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n ---[ end trace 0000000000000000 ]---\n BUG: unable to handle page fault for address: 0000000000001000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 14045 Comm: daxctl Kdump: loaded Tainted: G W 6.10.0-rc2-lizhijian+ #492\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n RIP: 0010:dentry_name+0x1f4/0x440\n<...snip...>\n? dentry_name+0x2fa/0x440\nvsnprintf+0x1f3/0x4f0\nvprintk_store+0x23a/0x540\nvprintk_emit+0x6d/0x330\n_printk+0x58/0x80\ndump_mapping+0x10b/0x1a0\n? __pfx_free_object_rcu+0x10/0x10\n__dump_page+0x26b/0x3e0\n? vprintk_emit+0xe0/0x330\n? _printk+0x58/0x80\n? dump_page+0x17/0x50\ndump_page+0x17/0x50\ndo_migrate_range+0x2f7/0x7f0\n? do_migrate_range+0x42/0x7f0\n? offline_pages+0x2f4/0x8c0\noffline_pages+0x60a/0x8c0\nmemory_subsys_offline+0x9f/0x1c0\n? lockdep_hardirqs_on+0x77/0x100\n? _raw_spin_unlock_irqrestore+0x38/0x60\ndevice_offline+0xe3/0x110\nstate_store+0x6e/0xc0\nkernfs_fop_write_iter+0x143/0x200\nvfs_write+0x39f/0x560\nksys_write+0x65/0xf0\ndo_syscall_64+0x62/0x130\n\nPreviously, some sanity check have been done in dump_mapping() before\nthe print facility parsing '%pd' though, it's still possible to run into\nan invalid dentry.d_name.name.\n\nSince dump_mapping() only needs to dump the filename only, retrieve it\nby itself in a safer way to prevent an unnecessary crash.\n\nNote that either retrieving the filename with '%pd' or\nstrncpy_from_kernel_nofault(), the filename could be unreliable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49934", url: "https://www.suse.com/security/cve/CVE-2024-49934", }, { category: "external", summary: "SUSE Bug 1232387 for CVE-2024-49934", url: "https://bugzilla.suse.com/1232387", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49934", }, { cve: "CVE-2024-49935", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49935", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: PAD: fix crash in exit_round_robin()\n\nThe kernel occasionally crashes in cpumask_clear_cpu(), which is called\nwithin exit_round_robin(), because when executing clear_bit(nr, addr) with\nnr set to 0xffffffff, the address calculation may cause misalignment within\nthe memory, leading to access to an invalid memory address.\n\n----------\nBUG: unable to handle kernel paging request at ffffffffe0740618\n ...\nCPU: 3 PID: 2919323 Comm: acpi_pad/14 Kdump: loaded Tainted: G OE X --------- - - 4.18.0-425.19.2.el8_7.x86_64 #1\n ...\nRIP: 0010:power_saving_thread+0x313/0x411 [acpi_pad]\nCode: 89 cd 48 89 d3 eb d1 48 c7 c7 55 70 72 c0 e8 64 86 b0 e4 c6 05 0d a1 02 00 01 e9 bc fd ff ff 45 89 e4 42 8b 04 a5 20 82 72 c0 <f0> 48 0f b3 05 f4 9c 01 00 42 c7 04 a5 20 82 72 c0 ff ff ff ff 31\nRSP: 0018:ff72a5d51fa77ec8 EFLAGS: 00010202\nRAX: 00000000ffffffff RBX: ff462981e5d8cb80 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246\nRBP: ff46297556959d80 R08: 0000000000000382 R09: ff46297c8d0f38d8\nR10: 0000000000000000 R11: 0000000000000001 R12: 000000000000000e\nR13: 0000000000000000 R14: ffffffffffffffff R15: 000000000000000e\nFS: 0000000000000000(0000) GS:ff46297a800c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffe0740618 CR3: 0000007e20410004 CR4: 0000000000771ee0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n ? acpi_pad_add+0x120/0x120 [acpi_pad]\n kthread+0x10b/0x130\n ? set_kthread_struct+0x50/0x50\n ret_from_fork+0x1f/0x40\n ...\nCR2: ffffffffe0740618\n\ncrash> dis -lr ffffffffc0726923\n ...\n/usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./include/linux/cpumask.h: 114\n0xffffffffc0726918 <power_saving_thread+776>:\tmov %r12d,%r12d\n/usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./include/linux/cpumask.h: 325\n0xffffffffc072691b <power_saving_thread+779>:\tmov -0x3f8d7de0(,%r12,4),%eax\n/usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./arch/x86/include/asm/bitops.h: 80\n0xffffffffc0726923 <power_saving_thread+787>:\tlock btr %rax,0x19cf4(%rip) # 0xffffffffc0740620 <pad_busy_cpus_bits>\n\ncrash> px tsk_in_cpu[14]\n$66 = 0xffffffff\n\ncrash> px 0xffffffffc072692c+0x19cf4\n$99 = 0xffffffffc0740620\n\ncrash> sym 0xffffffffc0740620\nffffffffc0740620 (b) pad_busy_cpus_bits [acpi_pad]\n\ncrash> px pad_busy_cpus_bits[0]\n$42 = 0xfffc0\n----------\n\nTo fix this, ensure that tsk_in_cpu[tsk_index] != -1 before calling\ncpumask_clear_cpu() in exit_round_robin(), just as it is done in\nround_robin_cpu().\n\n[ rjw: Subject edit, avoid updates to the same value ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49935", url: "https://www.suse.com/security/cve/CVE-2024-49935", }, { category: "external", summary: "SUSE Bug 1232370 for CVE-2024-49935", url: "https://bugzilla.suse.com/1232370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49935", }, { cve: "CVE-2024-49936", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49936", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/xen-netback: prevent UAF in xenvif_flush_hash()\n\nDuring the list_for_each_entry_rcu iteration call of xenvif_flush_hash,\nkfree_rcu does not exist inside the rcu read critical section, so if\nkfree_rcu is called when the rcu grace period ends during the iteration,\nUAF occurs when accessing head->next after the entry becomes free.\n\nTherefore, to solve this, you need to change it to list_for_each_entry_safe.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49936", url: "https://www.suse.com/security/cve/CVE-2024-49936", }, { category: "external", summary: "SUSE Bug 1232424 for CVE-2024-49936", url: "https://bugzilla.suse.com/1232424", }, { category: "external", summary: "SUSE Bug 1232426 for CVE-2024-49936", url: "https://bugzilla.suse.com/1232426", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49936", }, { cve: "CVE-2024-49937", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49937", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Set correct chandef when starting CAC\n\nWhen starting CAC in a mode other than AP mode, it return a\n\"WARNING: CPU: 0 PID: 63 at cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\"\ncaused by the chandef.chan being null at the end of CAC.\n\nSolution: Ensure the channel definition is set for the different modes\nwhen starting CAC to avoid getting a NULL 'chan' at the end of CAC.\n\n Call Trace:\n ? show_regs.part.0+0x14/0x16\n ? __warn+0x67/0xc0\n ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\n ? report_bug+0xa7/0x130\n ? exc_overflow+0x30/0x30\n ? handle_bug+0x27/0x50\n ? exc_invalid_op+0x18/0x60\n ? handle_exception+0xf6/0xf6\n ? exc_overflow+0x30/0x30\n ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\n ? exc_overflow+0x30/0x30\n ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]\n ? regulatory_propagate_dfs_state.cold+0x1b/0x4c [cfg80211]\n ? cfg80211_propagate_cac_done_wk+0x1a/0x30 [cfg80211]\n ? process_one_work+0x165/0x280\n ? worker_thread+0x120/0x3f0\n ? kthread+0xc2/0xf0\n ? process_one_work+0x280/0x280\n ? kthread_complete_and_exit+0x20/0x20\n ? ret_from_fork+0x19/0x24\n\n[shorten subject, remove OCB, reorder cases to match previous list]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49937", url: "https://www.suse.com/security/cve/CVE-2024-49937", }, { category: "external", summary: "SUSE Bug 1232427 for CVE-2024-49937", url: "https://bugzilla.suse.com/1232427", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49937", }, { cve: "CVE-2024-49938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49938", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n\nSyzbot points out that skb_trim() has a sanity check on the existing length of\nthe skb, which can be uninitialised in some error paths. The intent here is\nclearly just to reset the length to zero before resubmitting, so switch to\ncalling __skb_set_length(skb, 0) directly. In addition, __skb_set_length()\nalready contains a call to skb_reset_tail_pointer(), so remove the redundant\ncall.\n\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there's a similar\nusage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we're at it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49938", url: "https://www.suse.com/security/cve/CVE-2024-49938", }, { category: "external", summary: "SUSE Bug 1232552 for CVE-2024-49938", url: "https://bugzilla.suse.com/1232552", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49938", }, { cve: "CVE-2024-49939", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49939", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: avoid to add interface to list twice when SER\n\nIf SER L2 occurs during the WoWLAN resume flow, the add interface flow\nis triggered by ieee80211_reconfig(). However, due to\nrtw89_wow_resume() return failure, it will cause the add interface flow\nto be executed again, resulting in a double add list and causing a kernel\npanic. Therefore, we have added a check to prevent double adding of the\nlist.\n\nlist_add double add: new=ffff99d6992e2010, prev=ffff99d6992e2010, next=ffff99d695302628.\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:37!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 9 Comm: kworker/0:1 Tainted: G W O 6.6.30-02659-gc18865c4dfbd #1 770df2933251a0e3c888ba69d1053a817a6376a7\nHardware name: HP Grunt/Grunt, BIOS Google_Grunt.11031.169.0 06/24/2021\nWorkqueue: events_freezable ieee80211_restart_work [mac80211]\nRIP: 0010:__list_add_valid_or_report+0x5e/0xb0\nCode: c7 74 18 48 39 ce 74 13 b0 01 59 5a 5e 5f 41 58 41 59 41 5a 5d e9 e2 d6 03 00 cc 48 c7 c7 8d 4f 17 83 48 89 c2 e8 02 c0 00 00 <0f> 0b 48 c7 c7 aa 8c 1c 83 e8 f4 bf 00 00 0f 0b 48 c7 c7 c8 bc 12\nRSP: 0018:ffffa91b8007bc50 EFLAGS: 00010246\nRAX: 0000000000000058 RBX: ffff99d6992e0900 RCX: a014d76c70ef3900\nRDX: ffffa91b8007bae8 RSI: 00000000ffffdfff RDI: 0000000000000001\nRBP: ffffa91b8007bc88 R08: 0000000000000000 R09: ffffa91b8007bae0\nR10: 00000000ffffdfff R11: ffffffff83a79800 R12: ffff99d695302060\nR13: ffff99d695300900 R14: ffff99d6992e1be0 R15: ffff99d6992e2010\nFS: 0000000000000000(0000) GS:ffff99d6aac00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000078fbdba43480 CR3: 000000010e464000 CR4: 00000000001506f0\nCall Trace:\n <TASK>\n ? __die_body+0x1f/0x70\n ? die+0x3d/0x60\n ? do_trap+0xa4/0x110\n ? __list_add_valid_or_report+0x5e/0xb0\n ? do_error_trap+0x6d/0x90\n ? __list_add_valid_or_report+0x5e/0xb0\n ? handle_invalid_op+0x30/0x40\n ? __list_add_valid_or_report+0x5e/0xb0\n ? exc_invalid_op+0x3c/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_add_valid_or_report+0x5e/0xb0\n rtw89_ops_add_interface+0x309/0x310 [rtw89_core 7c32b1ee6854761c0321027c8a58c5160e41f48f]\n drv_add_interface+0x5c/0x130 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc]\n ieee80211_reconfig+0x241/0x13d0 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc]\n ? finish_wait+0x3e/0x90\n ? synchronize_rcu_expedited+0x174/0x260\n ? sync_rcu_exp_done_unlocked+0x50/0x50\n ? wake_bit_function+0x40/0x40\n ieee80211_restart_work+0xf0/0x140 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc]\n process_scheduled_works+0x1e5/0x480\n worker_thread+0xea/0x1e0\n kthread+0xdb/0x110\n ? move_linked_works+0x90/0x90\n ? kthread_associate_blkcg+0xa0/0xa0\n ret_from_fork+0x3b/0x50\n ? kthread_associate_blkcg+0xa0/0xa0\n ret_from_fork_asm+0x11/0x20\n </TASK>\nModules linked in: dm_integrity async_xor xor async_tx lz4 lz4_compress zstd zstd_compress zram zsmalloc rfcomm cmac uinput algif_hash algif_skcipher af_alg btusb btrtl iio_trig_hrtimer industrialio_sw_trigger btmtk industrialio_configfs btbcm btintel uvcvideo videobuf2_vmalloc iio_trig_sysfs videobuf2_memops videobuf2_v4l2 videobuf2_common uvc snd_hda_codec_hdmi veth snd_hda_intel snd_intel_dspcfg acpi_als snd_hda_codec industrialio_triggered_buffer kfifo_buf snd_hwdep industrialio i2c_piix4 snd_hda_core designware_i2s ip6table_nat snd_soc_max98357a xt_MASQUERADE xt_cgroup snd_soc_acp_rt5682_mach fuse rtw89_8922ae(O) rtw89_8922a(O) rtw89_pci(O) rtw89_core(O) 8021q mac80211(O) bluetooth ecdh_generic ecc cfg80211 r8152 mii joydev\ngsmi: Log Shutdown Reason 0x03\n---[ end trace 0000000000000000 ]---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49939", url: "https://www.suse.com/security/cve/CVE-2024-49939", }, { category: "external", summary: "SUSE Bug 1232381 for CVE-2024-49939", url: "https://bugzilla.suse.com/1232381", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49939", }, { cve: "CVE-2024-49940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49940", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session->tunnel is non-NULL. However, session->tunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession->tunnel is non-NULL when the tunnel refcount hasn't been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession->tunnel to get the tunnel's encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session->tunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn't yet have session->tunnel set. Add a check for\nthis case.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49940", url: "https://www.suse.com/security/cve/CVE-2024-49940", }, { category: "external", summary: "SUSE Bug 1232812 for CVE-2024-49940", url: "https://bugzilla.suse.com/1232812", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49940", }, { cve: "CVE-2024-49941", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49941", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: Fix potential NULL pointer dereference in gpiod_get_label()\n\nIn `gpiod_get_label()`, it is possible that `srcu_dereference_check()` may\nreturn a NULL pointer, leading to a scenario where `label->str` is accessed\nwithout verifying if `label` itself is NULL.\n\nThis patch adds a proper NULL check for `label` before accessing\n`label->str`. The check for `label->str != NULL` is removed because\n`label->str` can never be NULL if `label` is not NULL.\n\nThis fixes the issue where the label name was being printed as `(efault)`\nwhen dumping the sysfs GPIO file when `label == NULL`.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49941", url: "https://www.suse.com/security/cve/CVE-2024-49941", }, { category: "external", summary: "SUSE Bug 1232169 for CVE-2024-49941", url: "https://bugzilla.suse.com/1232169", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49941", }, { cve: "CVE-2024-49942", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49942", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Prevent null pointer access in xe_migrate_copy\n\nxe_migrate_copy designed to copy content of TTM resources. When source\nresource is null, it will trigger a NULL pointer dereference in\nxe_migrate_copy. To avoid this situation, update lacks source flag to\ntrue for this case, the flag will trigger xe_migrate_clear rather than\nxe_migrate_copy.\n\nIssue trace:\n<7> [317.089847] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Pass 14,\n sizes: 4194304 & 4194304\n<7> [317.089945] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Pass 15,\n sizes: 4194304 & 4194304\n<1> [317.128055] BUG: kernel NULL pointer dereference, address:\n 0000000000000010\n<1> [317.128064] #PF: supervisor read access in kernel mode\n<1> [317.128066] #PF: error_code(0x0000) - not-present page\n<6> [317.128069] PGD 0 P4D 0\n<4> [317.128071] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n<4> [317.128074] CPU: 1 UID: 0 PID: 1440 Comm: kunit_try_catch Tainted:\n G U N 6.11.0-rc7-xe #1\n<4> [317.128078] Tainted: [U]=USER, [N]=TEST\n<4> [317.128080] Hardware name: Intel Corporation Lunar Lake Client\n Platform/LNL-M LP5 RVP1, BIOS LNLMFWI1.R00.3221.D80.2407291239 07/29/2024\n<4> [317.128082] RIP: 0010:xe_migrate_copy+0x66/0x13e0 [xe]\n<4> [317.128158] Code: 00 00 48 89 8d e0 fe ff ff 48 8b 40 10 4c 89 85 c8\n fe ff ff 44 88 8d bd fe ff ff 65 48 8b 3c 25 28 00 00 00 48 89 7d d0 31\n ff <8b> 79 10 48 89 85 a0 fe ff ff 48 8b 00 48 89 b5 d8 fe ff ff 83 ff\n<4> [317.128162] RSP: 0018:ffffc9000167f9f0 EFLAGS: 00010246\n<4> [317.128164] RAX: ffff8881120d8028 RBX: ffff88814d070428 RCX:\n 0000000000000000\n<4> [317.128166] RDX: ffff88813cb99c00 RSI: 0000000004000000 RDI:\n 0000000000000000\n<4> [317.128168] RBP: ffffc9000167fbb8 R08: ffff88814e7b1f08 R09:\n 0000000000000001\n<4> [317.128170] R10: 0000000000000001 R11: 0000000000000001 R12:\n ffff88814e7b1f08\n<4> [317.128172] R13: ffff88814e7b1f08 R14: ffff88813cb99c00 R15:\n 0000000000000001\n<4> [317.128174] FS: 0000000000000000(0000) GS:ffff88846f280000(0000)\n knlGS:0000000000000000\n<4> [317.128176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n<4> [317.128178] CR2: 0000000000000010 CR3: 000000011f676004 CR4:\n 0000000000770ef0\n<4> [317.128180] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n 0000000000000000\n<4> [317.128182] DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7:\n 0000000000000400\n<4> [317.128184] PKRU: 55555554\n<4> [317.128185] Call Trace:\n<4> [317.128187] <TASK>\n<4> [317.128189] ? show_regs+0x67/0x70\n<4> [317.128194] ? __die_body+0x20/0x70\n<4> [317.128196] ? __die+0x2b/0x40\n<4> [317.128198] ? page_fault_oops+0x15f/0x4e0\n<4> [317.128203] ? do_user_addr_fault+0x3fb/0x970\n<4> [317.128205] ? lock_acquire+0xc7/0x2e0\n<4> [317.128209] ? exc_page_fault+0x87/0x2b0\n<4> [317.128212] ? asm_exc_page_fault+0x27/0x30\n<4> [317.128216] ? xe_migrate_copy+0x66/0x13e0 [xe]\n<4> [317.128263] ? __lock_acquire+0xb9d/0x26f0\n<4> [317.128265] ? __lock_acquire+0xb9d/0x26f0\n<4> [317.128267] ? sg_free_append_table+0x20/0x80\n<4> [317.128271] ? lock_acquire+0xc7/0x2e0\n<4> [317.128273] ? mark_held_locks+0x4d/0x80\n<4> [317.128275] ? trace_hardirqs_on+0x1e/0xd0\n<4> [317.128278] ? _raw_spin_unlock_irqrestore+0x31/0x60\n<4> [317.128281] ? __pm_runtime_resume+0x60/0xa0\n<4> [317.128284] xe_bo_move+0x682/0xc50 [xe]\n<4> [317.128315] ? lock_is_held_type+0xaa/0x120\n<4> [317.128318] ttm_bo_handle_move_mem+0xe5/0x1a0 [ttm]\n<4> [317.128324] ttm_bo_validate+0xd1/0x1a0 [ttm]\n<4> [317.128328] shrink_test_run_device+0x721/0xc10 [xe]\n<4> [317.128360] ? find_held_lock+0x31/0x90\n<4> [317.128363] ? lock_release+0xd1/0x2a0\n<4> [317.128365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10\n [kunit]\n<4> [317.128370] xe_bo_shrink_kunit+0x11/0x20 [xe]\n<4> [317.128397] kunit_try_run_case+0x6e/0x150 [kunit]\n<4> [317.128400] ? trace_hardirqs_on+0x1e/0xd0\n<4> [317.128402] ? _raw_spin_unlock_irqrestore+0x31/0x60\n<4> [317.128404] kunit_generic_run_threadfn_adapter+0x1e/0x40 [ku\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49942", url: "https://www.suse.com/security/cve/CVE-2024-49942", }, { category: "external", summary: "SUSE Bug 1232168 for CVE-2024-49942", url: "https://bugzilla.suse.com/1232168", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49942", }, { cve: "CVE-2024-49943", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49943", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/guc_submit: add missing locking in wedged_fini\n\nAny non-wedged queue can have a zero refcount here and can be running\nconcurrently with an async queue destroy, therefore dereferencing the\nqueue ptr to check wedge status after the lookup can trigger UAF if\nqueue is not wedged. Fix this by keeping the submission_state lock held\naround the check to postpone the free and make the check safe, before\ndropping again around the put() to avoid the deadlock.\n\n(cherry picked from commit d28af0b6b9580b9f90c265a7da0315b0ad20bbfd)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49943", url: "https://www.suse.com/security/cve/CVE-2024-49943", }, { category: "external", summary: "SUSE Bug 1232167 for CVE-2024-49943", url: "https://bugzilla.suse.com/1232167", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49943", }, { cve: "CVE-2024-49944", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49944", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start\n\nIn sctp_listen_start() invoked by sctp_inet_listen(), it should set the\nsk_state back to CLOSED if sctp_autobind() fails due to whatever reason.\n\nOtherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)->reuse\nis already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)->bind_hash will\nbe dereferenced as sk_state is LISTENING, which causes a crash as bind_hash\nis NULL.\n\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:sctp_inet_listen+0x7f0/0xa20 net/sctp/socket.c:8617\n Call Trace:\n <TASK>\n __sys_listen_socket net/socket.c:1883 [inline]\n __sys_listen+0x1b7/0x230 net/socket.c:1894\n __do_sys_listen net/socket.c:1902 [inline]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49944", url: "https://www.suse.com/security/cve/CVE-2024-49944", }, { category: "external", summary: "SUSE Bug 1232166 for CVE-2024-49944", url: "https://bugzilla.suse.com/1232166", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49944", }, { cve: "CVE-2024-49945", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49945", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ncsi: Disable the ncsi work before freeing the associated structure\n\nThe work function can run after the ncsi device is freed, resulting\nin use-after-free bugs or kernel panic.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49945", url: "https://www.suse.com/security/cve/CVE-2024-49945", }, { category: "external", summary: "SUSE Bug 1232165 for CVE-2024-49945", url: "https://bugzilla.suse.com/1232165", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49945", }, { cve: "CVE-2024-49946", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49946", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: do not assume bh is held in ppp_channel_bridge_input()\n\nNetworking receive path is usually handled from BH handler.\nHowever, some protocols need to acquire the socket lock, and\npackets might be stored in the socket backlog is the socket was\nowned by a user process.\n\nIn this case, release_sock(), __release_sock(), and sk_backlog_rcv()\nmight call the sk->sk_backlog_rcv() handler in process context.\n\nsybot caught ppp was not considering this case in\nppp_channel_bridge_input() :\n\nWARNING: inconsistent lock state\n6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted\n--------------------------------\ninconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.\nksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes:\n ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline]\n ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline]\n ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_input+0x16c/0x854 drivers/net/ppp/ppp_generic.c:2304\n{SOFTIRQ-ON-W} state was registered at:\n lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759\n __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]\n _raw_spin_lock+0x48/0x60 kernel/locking/spinlock.c:154\n spin_lock include/linux/spinlock.h:351 [inline]\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline]\n ppp_input+0x16c/0x854 drivers/net/ppp/ppp_generic.c:2304\n pppoe_rcv_core+0xfc/0x314 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv include/net/sock.h:1111 [inline]\n __release_sock+0x1a8/0x3d8 net/core/sock.c:3004\n release_sock+0x68/0x1b8 net/core/sock.c:3558\n pppoe_sendmsg+0xc8/0x5d8 drivers/net/ppp/pppoe.c:903\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x374/0x4f4 net/socket.c:2204\n __do_sys_sendto net/socket.c:2216 [inline]\n __se_sys_sendto net/socket.c:2212 [inline]\n __arm64_sys_sendto+0xd8/0xf8 net/socket.c:2212\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\nirq event stamp: 282914\n hardirqs last enabled at (282914): [<ffff80008b42e30c>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]\n hardirqs last enabled at (282914): [<ffff80008b42e30c>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194\n hardirqs last disabled at (282913): [<ffff80008b42e13c>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]\n hardirqs last disabled at (282913): [<ffff80008b42e13c>] _raw_spin_lock_irqsave+0x2c/0x7c kernel/locking/spinlock.c:162\n softirqs last enabled at (282904): [<ffff8000801f8e88>] softirq_handle_end kernel/softirq.c:400 [inline]\n softirqs last enabled at (282904): [<ffff8000801f8e88>] handle_softirqs+0xa3c/0xbfc kernel/softirq.c:582\n softirqs last disabled at (282909): [<ffff8000801fbdf8>] run_ksoftirqd+0x70/0x158 kernel/softirq.c:928\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(&pch->downl);\n <Interrupt>\n lock(&pch->downl);\n\n *** DEADLOCK ***\n\n1 lock held by ksoftirqd/1/24:\n #0: ffff80008f74dfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c include/linux/rcupdate.h:325\n\nstack backtrace:\nCPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall trace:\n dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:319\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:326\n __dump_sta\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49946", url: "https://www.suse.com/security/cve/CVE-2024-49946", }, { category: "external", summary: "SUSE Bug 1232164 for CVE-2024-49946", url: "https://bugzilla.suse.com/1232164", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49946", }, { cve: "CVE-2024-49947", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49947", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: test for not too small csum_start in virtio_net_hdr_to_skb()\n\nsyzbot was able to trigger this warning [1], after injecting a\nmalicious packet through af_packet, setting skb->csum_start and thus\nthe transport header to an incorrect value.\n\nWe can at least make sure the transport header is after\nthe end of the network header (with a estimated minimal size).\n\n[1]\n[ 67.873027] skb len=4096 headroom=16 headlen=14 tailroom=0\nmac=(-1,-1) mac_len=0 net=(16,-6) trans=10\nshinfo(txflags=0 nr_frags=1 gso(size=0 type=0 segs=0))\ncsum(0xa start=10 offset=0 ip_summed=3 complete_sw=0 valid=0 level=0)\nhash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0\npriority=0x0 mark=0x0 alloc_cpu=10 vlan_all=0x0\nencapsulation=0 inner(proto=0x0000, mac=0, net=0, trans=0)\n[ 67.877172] dev name=veth0_vlan feat=0x000061164fdd09e9\n[ 67.877764] sk family=17 type=3 proto=0\n[ 67.878279] skb linear: 00000000: 00 00 10 00 00 00 00 00 0f 00 00 00 08 00\n[ 67.879128] skb frag: 00000000: 0e 00 07 00 00 00 28 00 08 80 1c 00 04 00 00 02\n[ 67.879877] skb frag: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.880647] skb frag: 00000020: 00 00 02 00 00 00 08 00 1b 00 00 00 00 00 00 00\n[ 67.881156] skb frag: 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.881753] skb frag: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.882173] skb frag: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.882790] skb frag: 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.883171] skb frag: 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.883733] skb frag: 00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.884206] skb frag: 00000090: 00 00 00 00 00 00 00 00 00 00 69 70 76 6c 61 6e\n[ 67.884704] skb frag: 000000a0: 31 00 00 00 00 00 00 00 00 00 2b 00 00 00 00 00\n[ 67.885139] skb frag: 000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.885677] skb frag: 000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.886042] skb frag: 000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.886408] skb frag: 000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.887020] skb frag: 000000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 67.887384] skb frag: 00000100: 00 00\n[ 67.887878] ------------[ cut here ]------------\n[ 67.887908] offset (-6) >= skb_headlen() (14)\n[ 67.888445] WARNING: CPU: 10 PID: 2088 at net/core/dev.c:3332 skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.889353] Modules linked in: macsec macvtap macvlan hsr wireguard curve25519_x86_64 libcurve25519_generic libchacha20poly1305 chacha_x86_64 libchacha poly1305_x86_64 dummy bridge sr_mod cdrom evdev pcspkr i2c_piix4 9pnet_virtio 9p 9pnet netfs\n[ 67.890111] CPU: 10 UID: 0 PID: 2088 Comm: b363492833 Not tainted 6.11.0-virtme #1011\n[ 67.890183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 67.890309] RIP: 0010:skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891043] Call Trace:\n[ 67.891173] <TASK>\n[ 67.891274] ? __warn (kernel/panic.c:741)\n[ 67.891320] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891333] ? report_bug (lib/bug.c:180 lib/bug.c:219)\n[ 67.891348] ? handle_bug (arch/x86/kernel/traps.c:239)\n[ 67.891363] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n[ 67.891372] ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n[ 67.891388] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891399] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2))\n[ 67.891416] ip_do_fragment (net/ipv4/ip_output.c:777 (discriminator 1))\n[ 67.891448] ? __ip_local_out (./include/linux/skbuff.h:1146 ./include/net/l3mdev.h:196 ./include/net/l3mdev.h:213 ne\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49947", url: "https://www.suse.com/security/cve/CVE-2024-49947", }, { category: "external", summary: "SUSE Bug 1232162 for CVE-2024-49947", url: "https://bugzilla.suse.com/1232162", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49947", }, { cve: "CVE-2024-49948", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49948", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: add more sanity checks to qdisc_pkt_len_init()\n\nOne path takes care of SKB_GSO_DODGY, assuming\nskb->len is bigger than hdr_len.\n\nvirtio_net_hdr_to_skb() does not fully dissect TCP headers,\nit only make sure it is at least 20 bytes.\n\nIt is possible for an user to provide a malicious 'GSO' packet,\ntotal length of 80 bytes.\n\n- 20 bytes of IPv4 header\n- 60 bytes TCP header\n- a small gso_size like 8\n\nvirtio_net_hdr_to_skb() would declare this packet as a normal\nGSO packet, because it would see 40 bytes of payload,\nbigger than gso_size.\n\nWe need to make detect this case to not underflow\nqdisc_skb_cb(skb)->pkt_len.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49948", url: "https://www.suse.com/security/cve/CVE-2024-49948", }, { category: "external", summary: "SUSE Bug 1232161 for CVE-2024-49948", url: "https://bugzilla.suse.com/1232161", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49948", }, { cve: "CVE-2024-49949", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49949", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential underflow in qdisc_pkt_len_init() with UFO\n\nAfter commit 7c6d2ecbda83 (\"net: be more gentle about silly gso\nrequests coming from user\") virtio_net_hdr_to_skb() had sanity check\nto detect malicious attempts from user space to cook a bad GSO packet.\n\nThen commit cf9acc90c80ec (\"net: virtio_net_hdr_to_skb: count\ntransport header in UFO\") while fixing one issue, allowed user space\nto cook a GSO packet with the following characteristic :\n\nIPv4 SKB_GSO_UDP, gso_size=3, skb->len = 28.\n\nWhen this packet arrives in qdisc_pkt_len_init(), we end up\nwith hdr_len = 28 (IPv4 header + UDP header), matching skb->len\n\nThen the following sets gso_segs to 0 :\n\ngso_segs = DIV_ROUND_UP(skb->len - hdr_len,\n shinfo->gso_size);\n\nThen later we set qdisc_skb_cb(skb)->pkt_len to back to zero :/\n\nqdisc_skb_cb(skb)->pkt_len += (gso_segs - 1) * hdr_len;\n\nThis leads to the following crash in fq_codel [1]\n\nqdisc_pkt_len_init() is best effort, we only want an estimation\nof the bytes sent on the wire, not crashing the kernel.\n\nThis patch is fixing this particular issue, a following one\nadds more sanity checks for another potential bug.\n\n[1]\n[ 70.724101] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 70.724561] #PF: supervisor read access in kernel mode\n[ 70.724561] #PF: error_code(0x0000) - not-present page\n[ 70.724561] PGD 10ac61067 P4D 10ac61067 PUD 107ee2067 PMD 0\n[ 70.724561] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 70.724561] CPU: 11 UID: 0 PID: 2163 Comm: b358537762 Not tainted 6.11.0-virtme #991\n[ 70.724561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 70.724561] RIP: 0010:fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel\n[ 70.724561] Code: 24 08 49 c1 e1 06 44 89 7c 24 18 45 31 ed 45 31 c0 31 ff 89 44 24 14 4c 03 8b 90 01 00 00 eb 04 39 ca 73 37 4d 8b 39 83 c7 01 <49> 8b 17 49 89 11 41 8b 57 28 45 8b 5f 34 49 c7 07 00 00 00 00 49\nAll code\n========\n 0:\t24 08 \tand $0x8,%al\n 2:\t49 c1 e1 06 \tshl $0x6,%r9\n 6:\t44 89 7c 24 18 \tmov %r15d,0x18(%rsp)\n b:\t45 31 ed \txor %r13d,%r13d\n e:\t45 31 c0 \txor %r8d,%r8d\n 11:\t31 ff \txor %edi,%edi\n 13:\t89 44 24 14 \tmov %eax,0x14(%rsp)\n 17:\t4c 03 8b 90 01 00 00 \tadd 0x190(%rbx),%r9\n 1e:\teb 04 \tjmp 0x24\n 20:\t39 ca \tcmp %ecx,%edx\n 22:\t73 37 \tjae 0x5b\n 24:\t4d 8b 39 \tmov (%r9),%r15\n 27:\t83 c7 01 \tadd $0x1,%edi\n 2a:*\t49 8b 17 \tmov (%r15),%rdx\t\t<-- trapping instruction\n 2d:\t49 89 11 \tmov %rdx,(%r9)\n 30:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n 34:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n 38:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 3f:\t49 \trex.WB\n\nCode starting with the faulting instruction\n===========================================\n 0:\t49 8b 17 \tmov (%r15),%rdx\n 3:\t49 89 11 \tmov %rdx,(%r9)\n 6:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n a:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n e:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 15:\t49 \trex.WB\n[ 70.724561] RSP: 0018:ffff95ae85e6fb90 EFLAGS: 00000202\n[ 70.724561] RAX: 0000000002000000 RBX: ffff95ae841de000 RCX: 0000000000000000\n[ 70.724561] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001\n[ 70.724561] RBP: ffff95ae85e6fbf8 R08: 0000000000000000 R09: ffff95b710a30000\n[ 70.724561] R10: 0000000000000000 R11: bdf289445ce31881 R12: ffff95ae85e6fc58\n[ 70.724561] R13: 0000000000000000 R14: 0000000000000040 R15: 0000000000000000\n[ 70.724561] FS: 000000002c5c1380(0000) GS:ffff95bd7fcc0000(0000) knlGS:0000000000000000\n[ 70.724561] CS: 0010 DS: 0000 ES: 0000 C\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49949", url: "https://www.suse.com/security/cve/CVE-2024-49949", }, { category: "external", summary: "SUSE Bug 1232160 for CVE-2024-49949", url: "https://bugzilla.suse.com/1232160", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49949", }, { cve: "CVE-2024-49950", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49950", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49950", url: "https://www.suse.com/security/cve/CVE-2024-49950", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-49950", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232159 for CVE-2024-49950", url: "https://bugzilla.suse.com/1232159", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49950", }, { cve: "CVE-2024-49951", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49951", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix possible crash on mgmt_index_removed\n\nIf mgmt_index_removed is called while there are commands queued on\ncmd_sync it could lead to crashes like the bellow trace:\n\n0x0000053D: __list_del_entry_valid_or_report+0x98/0xdc\n0x0000053D: mgmt_pending_remove+0x18/0x58 [bluetooth]\n0x0000053E: mgmt_remove_adv_monitor_complete+0x80/0x108 [bluetooth]\n0x0000053E: hci_cmd_sync_work+0xbc/0x164 [bluetooth]\n\nSo while handling mgmt_index_removed this attempts to dequeue\ncommands passed as user_data to cmd_sync.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49951", url: "https://www.suse.com/security/cve/CVE-2024-49951", }, { category: "external", summary: "SUSE Bug 1232158 for CVE-2024-49951", url: "https://bugzilla.suse.com/1232158", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49951", }, { cve: "CVE-2024-49952", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49952", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: prevent nf_skb_duplicated corruption\n\nsyzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write\nper-cpu variable nf_skb_duplicated in an unsafe way [1].\n\nDisabling preemption as hinted by the splat is not enough,\nwe have to disable soft interrupts as well.\n\n[1]\nBUG: using __this_cpu_write() in preemptible [00000000] code: syz.4.282/6316\n caller is nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\nCPU: 0 UID: 0 PID: 6316 Comm: syz.4.282 Not tainted 6.11.0-rc7-syzkaller-00104-g7052622fccb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n check_preemption_disabled+0x10e/0x120 lib/smp_processor_id.c:49\n nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\n nft_dup_ipv4_eval+0x1db/0x300 net/ipv4/netfilter/nft_dup_ipv4.c:30\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x202/0x320 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook+0x2c4/0x450 include/linux/netfilter.h:269\n NF_HOOK_COND include/linux/netfilter.h:302 [inline]\n ip_output+0x185/0x230 net/ipv4/ip_output.c:433\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n ip_send_skb+0x74/0x100 net/ipv4/ip_output.c:1495\n udp_send_skb+0xacf/0x1650 net/ipv4/udp.c:981\n udp_sendmsg+0x1c21/0x2a60 net/ipv4/udp.c:1269\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmmsg+0x3b2/0x740 net/socket.c:2737\n __do_sys_sendmmsg net/socket.c:2766 [inline]\n __se_sys_sendmmsg net/socket.c:2763 [inline]\n __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2763\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f4ce4f7def9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f4ce5d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133\nRAX: ffffffffffffffda RBX: 00007f4ce5135f80 RCX: 00007f4ce4f7def9\nRDX: 0000000000000001 RSI: 0000000020005d40 RDI: 0000000000000006\nRBP: 00007f4ce4ff0b76 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f4ce5135f80 R15: 00007ffd4cbc6d68\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49952", url: "https://www.suse.com/security/cve/CVE-2024-49952", }, { category: "external", summary: "SUSE Bug 1232157 for CVE-2024-49952", url: "https://bugzilla.suse.com/1232157", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49952", }, { cve: "CVE-2024-49953", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49953", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice\n\nThe km.state is not checked in driver's delayed work. When\nxfrm_state_check_expire() is called, the state can be reset to\nXFRM_STATE_EXPIRED, even if it is XFRM_STATE_DEAD already. This\nhappens when xfrm state is deleted, but not freed yet. As\n__xfrm_state_delete() is called again in xfrm timer, the following\ncrash occurs.\n\nTo fix this issue, skip xfrm_state_check_expire() if km.state is not\nXFRM_STATE_VALID.\n\n Oops: general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] SMP\n CPU: 5 UID: 0 PID: 7448 Comm: kworker/u102:2 Not tainted 6.11.0-rc2+ #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5e_ipsec: eth%d mlx5e_ipsec_handle_sw_limits [mlx5_core]\n RIP: 0010:__xfrm_state_delete+0x3d/0x1b0\n Code: 0f 84 8b 01 00 00 48 89 fd c6 87 c8 00 00 00 05 48 8d bb 40 10 00 00 e8 11 04 1a 00 48 8b 95 b8 00 00 00 48 8b 85 c0 00 00 00 <48> 89 42 08 48 89 10 48 8b 55 10 48 b8 00 01 00 00 00 00 ad de 48\n RSP: 0018:ffff88885f945ec8 EFLAGS: 00010246\n RAX: dead000000000122 RBX: ffffffff82afa940 RCX: 0000000000000036\n RDX: dead000000000100 RSI: 0000000000000000 RDI: ffffffff82afb980\n RBP: ffff888109a20340 R08: ffff88885f945ea0 R09: 0000000000000000\n R10: 0000000000000000 R11: ffff88885f945ff8 R12: 0000000000000246\n R13: ffff888109a20340 R14: ffff88885f95f420 R15: ffff88885f95f400\n FS: 0000000000000000(0000) GS:ffff88885f940000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f2163102430 CR3: 00000001128d6001 CR4: 0000000000370eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <IRQ>\n ? die_addr+0x33/0x90\n ? exc_general_protection+0x1a2/0x390\n ? asm_exc_general_protection+0x22/0x30\n ? __xfrm_state_delete+0x3d/0x1b0\n ? __xfrm_state_delete+0x2f/0x1b0\n xfrm_timer_handler+0x174/0x350\n ? __xfrm_state_delete+0x1b0/0x1b0\n __hrtimer_run_queues+0x121/0x270\n hrtimer_run_softirq+0x88/0xd0\n handle_softirqs+0xcc/0x270\n do_softirq+0x3c/0x50\n </IRQ>\n <TASK>\n __local_bh_enable_ip+0x47/0x50\n mlx5e_ipsec_handle_sw_limits+0x7d/0x90 [mlx5_core]\n process_one_work+0x137/0x2d0\n worker_thread+0x28d/0x3a0\n ? rescuer_thread+0x480/0x480\n kthread+0xb8/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49953", url: "https://www.suse.com/security/cve/CVE-2024-49953", }, { category: "external", summary: "SUSE Bug 1232156 for CVE-2024-49953", url: "https://bugzilla.suse.com/1232156", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49953", }, { cve: "CVE-2024-49954", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49954", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nstatic_call: Replace pointless WARN_ON() in static_call_module_notify()\n\nstatic_call_module_notify() triggers a WARN_ON(), when memory allocation\nfails in __static_call_add_module().\n\nThat's not really justified, because the failure case must be correctly\nhandled by the well known call chain and the error code is passed\nthrough to the initiating userspace application.\n\nA memory allocation fail is not a fatal problem, but the WARN_ON() takes\nthe machine out when panic_on_warn is set.\n\nReplace it with a pr_warn().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49954", url: "https://www.suse.com/security/cve/CVE-2024-49954", }, { category: "external", summary: "SUSE Bug 1232155 for CVE-2024-49954", url: "https://bugzilla.suse.com/1232155", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49954", }, { cve: "CVE-2024-49955", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49955", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: battery: Fix possible crash when unregistering a battery hook\n\nWhen a battery hook returns an error when adding a new battery, then\nthe battery hook is automatically unregistered.\nHowever the battery hook provider cannot know that, so it will later\ncall battery_hook_unregister() on the already unregistered battery\nhook, resulting in a crash.\n\nFix this by using the list head to mark already unregistered battery\nhooks as already being unregistered so that they can be ignored by\nbattery_hook_unregister().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49955", url: "https://www.suse.com/security/cve/CVE-2024-49955", }, { category: "external", summary: "SUSE Bug 1232154 for CVE-2024-49955", url: "https://bugzilla.suse.com/1232154", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49955", }, { cve: "CVE-2024-49956", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49956", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix double destroy_workqueue error\n\nWhen gfs2_fill_super() fails, destroy_workqueue() is called within\ngfs2_gl_hash_clear(), and the subsequent code path calls\ndestroy_workqueue() on the same work queue again.\n\nThis issue can be fixed by setting the work queue pointer to NULL after\nthe first destroy_workqueue() call and checking for a NULL pointer\nbefore attempting to destroy the work queue again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49956", url: "https://www.suse.com/security/cve/CVE-2024-49956", }, { category: "external", summary: "SUSE Bug 1232153 for CVE-2024-49956", url: "https://bugzilla.suse.com/1232153", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49956", }, { cve: "CVE-2024-49957", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49957", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix null-ptr-deref when journal load failed.\n\nDuring the mounting process, if journal_reset() fails because of too short\njournal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer. \nSubsequently, ocfs2_journal_shutdown() calls\njbd2_journal_flush()->jbd2_cleanup_journal_tail()->\n__jbd2_update_log_tail()->jbd2_journal_update_sb_log_tail()\n->lock_buffer(journal->j_sb_buffer), resulting in a null-pointer\ndereference error.\n\nTo resolve this issue, we should check the JBD2_LOADED flag to ensure the\njournal was properly loaded. Additionally, use journal instead of\nosb->journal directly to simplify the code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49957", url: "https://www.suse.com/security/cve/CVE-2024-49957", }, { category: "external", summary: "SUSE Bug 1232152 for CVE-2024-49957", url: "https://bugzilla.suse.com/1232152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49957", }, { cve: "CVE-2024-49958", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49958", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: reserve space for inline xattr before attaching reflink tree\n\nOne of our customers reported a crash and a corrupted ocfs2 filesystem. \nThe crash was due to the detection of corruption. Upon troubleshooting,\nthe fsck -fn output showed the below corruption\n\n[EXTENT_LIST_FREE] Extent list in owner 33080590 claims 230 as the next free chain record,\nbut fsck believes the largest valid value is 227. Clamp the next record value? n\n\nThe stat output from the debugfs.ocfs2 showed the following corruption\nwhere the \"Next Free Rec:\" had overshot the \"Count:\" in the root metadata\nblock.\n\n Inode: 33080590 Mode: 0640 Generation: 2619713622 (0x9c25a856)\n FS Generation: 904309833 (0x35e6ac49)\n CRC32: 00000000 ECC: 0000\n Type: Regular Attr: 0x0 Flags: Valid\n Dynamic Features: (0x16) HasXattr InlineXattr Refcounted\n Extended Attributes Block: 0 Extended Attributes Inline Size: 256\n User: 0 (root) Group: 0 (root) Size: 281320357888\n Links: 1 Clusters: 141738\n ctime: 0x66911b56 0x316edcb8 -- Fri Jul 12 06:02:30.829349048 2024\n atime: 0x66911d6b 0x7f7a28d -- Fri Jul 12 06:11:23.133669517 2024\n mtime: 0x66911b56 0x12ed75d7 -- Fri Jul 12 06:02:30.317552087 2024\n dtime: 0x0 -- Wed Dec 31 17:00:00 1969\n Refcount Block: 2777346\n Last Extblk: 2886943 Orphan Slot: 0\n Sub Alloc Slot: 0 Sub Alloc Bit: 14\n Tree Depth: 1 Count: 227 Next Free Rec: 230\n ## Offset Clusters Block#\n 0 0 2310 2776351\n 1 2310 2139 2777375\n 2 4449 1221 2778399\n 3 5670 731 2779423\n 4 6401 566 2780447\n ....... .... .......\n ....... .... .......\n\nThe issue was in the reflink workfow while reserving space for inline\nxattr. The problematic function is ocfs2_reflink_xattr_inline(). By the\ntime this function is called the reflink tree is already recreated at the\ndestination inode from the source inode. At this point, this function\nreserves space for inline xattrs at the destination inode without even\nchecking if there is space at the root metadata block. It simply reduces\nthe l_count from 243 to 227 thereby making space of 256 bytes for inline\nxattr whereas the inode already has extents beyond this index (in this\ncase up to 230), thereby causing corruption.\n\nThe fix for this is to reserve space for inline metadata at the destination\ninode before the reflink tree gets recreated. The customer has verified the\nfix.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49958", url: "https://www.suse.com/security/cve/CVE-2024-49958", }, { category: "external", summary: "SUSE Bug 1232151 for CVE-2024-49958", url: "https://bugzilla.suse.com/1232151", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49958", }, { cve: "CVE-2024-49959", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49959", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error\n\nIn __jbd2_log_wait_for_space(), we might call jbd2_cleanup_journal_tail()\nto recover some journal space. But if an error occurs while executing\njbd2_cleanup_journal_tail() (e.g., an EIO), we don't stop waiting for free\nspace right away, we try other branches, and if j_committing_transaction\nis NULL (i.e., the tid is 0), we will get the following complain:\n\n============================================\nJBD2: I/O error when updating journal superblock for sdd-8.\n__jbd2_log_wait_for_space: needed 256 blocks and only had 217 space available\n__jbd2_log_wait_for_space: no way to get more journal space in sdd-8\n------------[ cut here ]------------\nWARNING: CPU: 2 PID: 139804 at fs/jbd2/checkpoint.c:109 __jbd2_log_wait_for_space+0x251/0x2e0\nModules linked in:\nCPU: 2 PID: 139804 Comm: kworker/u8:3 Not tainted 6.6.0+ #1\nRIP: 0010:__jbd2_log_wait_for_space+0x251/0x2e0\nCall Trace:\n <TASK>\n add_transaction_credits+0x5d1/0x5e0\n start_this_handle+0x1ef/0x6a0\n jbd2__journal_start+0x18b/0x340\n ext4_dirty_inode+0x5d/0xb0\n __mark_inode_dirty+0xe4/0x5d0\n generic_update_time+0x60/0x70\n[...]\n============================================\n\nSo only if jbd2_cleanup_journal_tail() returns 1, i.e., there is nothing to\nclean up at the moment, continue to try to reclaim free space in other ways.\n\nNote that this fix relies on commit 6f6a6fda2945 (\"jbd2: fix ocfs2 corrupt\nwhen updating journal superblock fails\") to make jbd2_cleanup_journal_tail\nreturn the correct error code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49959", url: "https://www.suse.com/security/cve/CVE-2024-49959", }, { category: "external", summary: "SUSE Bug 1232149 for CVE-2024-49959", url: "https://bugzilla.suse.com/1232149", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49959", }, { cve: "CVE-2024-49960", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49960", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix timer use-after-free on failed mount\n\nSyzbot has found an ODEBUG bug in ext4_fill_super\n\nThe del_timer_sync function cancels the s_err_report timer,\nwhich reminds about filesystem errors daily. We should\nguarantee the timer is no longer active before kfree(sbi).\n\nWhen filesystem mounting fails, the flow goes to failed_mount3,\nwhere an error occurs when ext4_stop_mmpd is called, causing\na read I/O failure. This triggers the ext4_handle_error function\nthat ultimately re-arms the timer,\nleaving the s_err_report timer active before kfree(sbi) is called.\n\nFix the issue by canceling the s_err_report timer after calling ext4_stop_mmpd.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49960", url: "https://www.suse.com/security/cve/CVE-2024-49960", }, { category: "external", summary: "SUSE Bug 1232395 for CVE-2024-49960", url: "https://bugzilla.suse.com/1232395", }, { category: "external", summary: "SUSE Bug 1232803 for CVE-2024-49960", url: "https://bugzilla.suse.com/1232803", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49960", }, { cve: "CVE-2024-49961", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49961", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: ar0521: Use cansleep version of gpiod_set_value()\n\nIf we use GPIO reset from I2C port expander, we must use *_cansleep()\nvariant of GPIO functions.\nThis was not done in ar0521_power_on()/ar0521_power_off() functions.\nLet's fix that.\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 11 at drivers/gpio/gpiolib.c:3496 gpiod_set_value+0x74/0x7c\nModules linked in:\nCPU: 0 PID: 11 Comm: kworker/u16:0 Not tainted 6.10.0 #53\nHardware name: Diasom DS-RK3568-SOM-EVB (DT)\nWorkqueue: events_unbound deferred_probe_work_func\npstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : gpiod_set_value+0x74/0x7c\nlr : ar0521_power_on+0xcc/0x290\nsp : ffffff8001d7ab70\nx29: ffffff8001d7ab70 x28: ffffff80027dcc90 x27: ffffff8003c82000\nx26: ffffff8003ca9250 x25: ffffffc080a39c60 x24: ffffff8003ca9088\nx23: ffffff8002402720 x22: ffffff8003ca9080 x21: ffffff8003ca9088\nx20: 0000000000000000 x19: ffffff8001eb2a00 x18: ffffff80efeeac80\nx17: 756d2d6332692f30 x16: 0000000000000000 x15: 0000000000000000\nx14: ffffff8001d91d40 x13: 0000000000000016 x12: ffffffc080e98930\nx11: ffffff8001eb2880 x10: 0000000000000890 x9 : ffffff8001d7a9f0\nx8 : ffffff8001d92570 x7 : ffffff80efeeac80 x6 : 000000003fc6e780\nx5 : ffffff8001d91c80 x4 : 0000000000000002 x3 : 0000000000000000\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000001\nCall trace:\n gpiod_set_value+0x74/0x7c\n ar0521_power_on+0xcc/0x290\n...", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49961", url: "https://www.suse.com/security/cve/CVE-2024-49961", }, { category: "external", summary: "SUSE Bug 1232148 for CVE-2024-49961", url: "https://bugzilla.suse.com/1232148", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49961", }, { cve: "CVE-2024-49962", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49962", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package()\n\nACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0\n\nACPI_ALLOCATE_ZEROED() may fail, elements might be NULL and will cause\nNULL pointer dereference later.\n\n[ rjw: Subject and changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49962", url: "https://www.suse.com/security/cve/CVE-2024-49962", }, { category: "external", summary: "SUSE Bug 1232314 for CVE-2024-49962", url: "https://bugzilla.suse.com/1232314", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49962", }, { cve: "CVE-2024-49963", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49963", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: bcm2835: Fix timeout during suspend mode\n\nDuring noirq suspend phase the Raspberry Pi power driver suffer of\nfirmware property timeouts. The reason is that the IRQ of the underlying\nBCM2835 mailbox is disabled and rpi_firmware_property_list() will always\nrun into a timeout [1].\n\nSince the VideoCore side isn't consider as a wakeup source, set the\nIRQF_NO_SUSPEND flag for the mailbox IRQ in order to keep it enabled\nduring suspend-resume cycle.\n\n[1]\nPM: late suspend of devices complete after 1.754 msecs\nWARNING: CPU: 0 PID: 438 at drivers/firmware/raspberrypi.c:128\n rpi_firmware_property_list+0x204/0x22c\nFirmware transaction 0x00028001 timeout\nModules linked in:\nCPU: 0 PID: 438 Comm: bash Tainted: G C 6.9.3-dirty #17\nHardware name: BCM2835\nCall trace:\nunwind_backtrace from show_stack+0x18/0x1c\nshow_stack from dump_stack_lvl+0x34/0x44\ndump_stack_lvl from __warn+0x88/0xec\n__warn from warn_slowpath_fmt+0x7c/0xb0\nwarn_slowpath_fmt from rpi_firmware_property_list+0x204/0x22c\nrpi_firmware_property_list from rpi_firmware_property+0x68/0x8c\nrpi_firmware_property from rpi_firmware_set_power+0x54/0xc0\nrpi_firmware_set_power from _genpd_power_off+0xe4/0x148\n_genpd_power_off from genpd_sync_power_off+0x7c/0x11c\ngenpd_sync_power_off from genpd_finish_suspend+0xcc/0xe0\ngenpd_finish_suspend from dpm_run_callback+0x78/0xd0\ndpm_run_callback from device_suspend_noirq+0xc0/0x238\ndevice_suspend_noirq from dpm_suspend_noirq+0xb0/0x168\ndpm_suspend_noirq from suspend_devices_and_enter+0x1b8/0x5ac\nsuspend_devices_and_enter from pm_suspend+0x254/0x2e4\npm_suspend from state_store+0xa8/0xd4\nstate_store from kernfs_fop_write_iter+0x154/0x1a0\nkernfs_fop_write_iter from vfs_write+0x12c/0x184\nvfs_write from ksys_write+0x78/0xc0\nksys_write from ret_fast_syscall+0x0/0x54\nException stack(0xcc93dfa8 to 0xcc93dff0)\n[...]\nPM: noirq suspend of devices complete after 3095.584 msecs", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49963", url: "https://www.suse.com/security/cve/CVE-2024-49963", }, { category: "external", summary: "SUSE Bug 1232147 for CVE-2024-49963", url: "https://bugzilla.suse.com/1232147", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49963", }, { cve: "CVE-2024-49964", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49964", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix memfd_pin_folios free_huge_pages leak\n\nmemfd_pin_folios followed by unpin_folios fails to restore free_huge_pages\nif the pages were not already faulted in, because the folio refcount for\npages created by memfd_alloc_folio never goes to 0. memfd_pin_folios\nneeds another folio_put to undo the folio_try_get below:\n\nmemfd_alloc_folio()\n alloc_hugetlb_folio_nodemask()\n dequeue_hugetlb_folio_nodemask()\n dequeue_hugetlb_folio_node_exact()\n folio_ref_unfreeze(folio, 1); ; adds 1 refcount\n folio_try_get() ; adds 1 refcount\n hugetlb_add_to_page_cache() ; adds 512 refcount (on x86)\n\nWith the fix, after memfd_pin_folios + unpin_folios, the refcount for the\n(unfaulted) page is 512, which is correct, as the refcount for a faulted\nunpinned page is 513.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49964", url: "https://www.suse.com/security/cve/CVE-2024-49964", }, { category: "external", summary: "SUSE Bug 1232144 for CVE-2024-49964", url: "https://bugzilla.suse.com/1232144", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49964", }, { cve: "CVE-2024-49965", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49965", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove unreasonable unlock in ocfs2_read_blocks\n\nPatch series \"Misc fixes for ocfs2_read_blocks\", v5.\n\nThis series contains 2 fixes for ocfs2_read_blocks(). The first patch fix\nthe issue reported by syzbot, which detects bad unlock balance in\nocfs2_read_blocks(). The second patch fixes an issue reported by Heming\nZhao when reviewing above fix.\n\n\nThis patch (of 2):\n\nThere was a lock release before exiting, so remove the unreasonable unlock.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49965", url: "https://www.suse.com/security/cve/CVE-2024-49965", }, { category: "external", summary: "SUSE Bug 1232142 for CVE-2024-49965", url: "https://bugzilla.suse.com/1232142", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49965", }, { cve: "CVE-2024-49966", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49966", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: cancel dqi_sync_work before freeing oinfo\n\nocfs2_global_read_info() will initialize and schedule dqi_sync_work at the\nend, if error occurs after successfully reading global quota, it will\ntrigger the following warning with CONFIG_DEBUG_OBJECTS_* enabled:\n\nODEBUG: free active (active state 0) object: 00000000d8b0ce28 object type: timer_list hint: qsync_work_fn+0x0/0x16c\n\nThis reports that there is an active delayed work when freeing oinfo in\nerror handling, so cancel dqi_sync_work first. BTW, return status instead\nof -1 when .read_file_info fails.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49966", url: "https://www.suse.com/security/cve/CVE-2024-49966", }, { category: "external", summary: "SUSE Bug 1232141 for CVE-2024-49966", url: "https://bugzilla.suse.com/1232141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49966", }, { cve: "CVE-2024-49967", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49967", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49967", url: "https://www.suse.com/security/cve/CVE-2024-49967", }, { category: "external", summary: "SUSE Bug 1232140 for CVE-2024-49967", url: "https://bugzilla.suse.com/1232140", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49967", }, { cve: "CVE-2024-49968", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49968", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: filesystems without casefold feature cannot be mounted with siphash\n\nWhen mounting the ext4 filesystem, if the default hash version is set to\nDX_HASH_SIPHASH but the casefold feature is not set, exit the mounting.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49968", url: "https://www.suse.com/security/cve/CVE-2024-49968", }, { category: "external", summary: "SUSE Bug 1232264 for CVE-2024-49968", url: "https://bugzilla.suse.com/1232264", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49968", }, { cve: "CVE-2024-49969", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49969", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index out of bounds in DCN30 color transformation\n\nThis commit addresses a potential index out of bounds issue in the\n`cm3_helper_translate_curve_to_hw_format` function in the DCN30 color\nmanagement module. The issue could occur when the index 'i' exceeds the\nnumber of transfer function points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure 'i' is within bounds before accessing the\ntransfer function points. If 'i' is out of bounds, the function returns\nfalse to indicate an error.\n\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:180 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:181 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:182 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49969", url: "https://www.suse.com/security/cve/CVE-2024-49969", }, { category: "external", summary: "SUSE Bug 1232519 for CVE-2024-49969", url: "https://bugzilla.suse.com/1232519", }, { category: "external", summary: "SUSE Bug 1232524 for CVE-2024-49969", url: "https://bugzilla.suse.com/1232524", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49969", }, { cve: "CVE-2024-49970", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49970", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Implement bounds check for stream encoder creation in DCN401\n\n'stream_enc_regs' array is an array of dcn10_stream_enc_registers\nstructures. The array is initialized with four elements, corresponding\nto the four calls to stream_enc_regs() in the array initializer. This\nmeans that valid indices for this array are 0, 1, 2, and 3.\n\nThe error message 'stream_enc_regs' 4 <= 5 below, is indicating that\nthere is an attempt to access this array with an index of 5, which is\nout of bounds. This could lead to undefined behavior\n\nHere, eng_id is used as an index to access the stream_enc_regs array. If\neng_id is 5, this would result in an out-of-bounds access on the\nstream_enc_regs array.\n\nThus fixing Buffer overflow error in dcn401_stream_encoder_create\n\nFound by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn401/dcn401_resource.c:1209 dcn401_stream_encoder_create() error: buffer overflow 'stream_enc_regs' 4 <= 5", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49970", url: "https://www.suse.com/security/cve/CVE-2024-49970", }, { category: "external", summary: "SUSE Bug 1232516 for CVE-2024-49970", url: "https://bugzilla.suse.com/1232516", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49970", }, { cve: "CVE-2024-49971", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49971", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Increase array size of dummy_boolean\n\n[WHY]\ndml2_core_shared_mode_support and dml_core_mode_support access the third\nelement of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when\ndummy_boolean has size of 2. Any assignment to hw_debug5 causes an\nOVERRUN.\n\n[HOW]\nIncrease dummy_boolean's array size to 3.\n\nThis fixes 2 OVERRUN issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49971", url: "https://www.suse.com/security/cve/CVE-2024-49971", }, { category: "external", summary: "SUSE Bug 1232473 for CVE-2024-49971", url: "https://bugzilla.suse.com/1232473", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49971", }, { cve: "CVE-2024-49972", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49972", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Deallocate DML memory if allocation fails\n\n[Why]\nWhen DC state create DML memory allocation fails, memory is not\ndeallocated subsequently, resulting in uninitialized structure\nthat is not NULL.\n\n[How]\nDeallocate memory if DML memory allocation fails.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49972", url: "https://www.suse.com/security/cve/CVE-2024-49972", }, { category: "external", summary: "SUSE Bug 1232315 for CVE-2024-49972", url: "https://bugzilla.suse.com/1232315", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49972", }, { cve: "CVE-2024-49973", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49973", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nr8169: add tally counter fields added with RTL8125\n\nRTL8125 added fields to the tally counter, what may result in the chip\ndma'ing these new fields to unallocated memory. Therefore make sure\nthat the allocated memory area is big enough to hold all of the\ntally counter values, even if we use only parts of it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49973", url: "https://www.suse.com/security/cve/CVE-2024-49973", }, { category: "external", summary: "SUSE Bug 1232105 for CVE-2024-49973", url: "https://bugzilla.suse.com/1232105", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49973", }, { cve: "CVE-2024-49974", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49974", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Limit the number of concurrent async COPY operations\n\nNothing appears to limit the number of concurrent async COPY\noperations that clients can start. In addition, AFAICT each async\nCOPY can copy an unlimited number of 4MB chunks, so can run for a\nlong time. Thus IMO async COPY can become a DoS vector.\n\nAdd a restriction mechanism that bounds the number of concurrent\nbackground COPY operations. Start simple and try to be fair -- this\npatch implements a per-namespace limit.\n\nAn async COPY request that occurs while this limit is exceeded gets\nNFS4ERR_DELAY. The requesting client can choose to send the request\nagain after a delay or fall back to a traditional read/write style\ncopy.\n\nIf there is need to make the mechanism more sophisticated, we can\nvisit that in future patches.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49974", url: "https://www.suse.com/security/cve/CVE-2024-49974", }, { category: "external", summary: "SUSE Bug 1232383 for CVE-2024-49974", url: "https://bugzilla.suse.com/1232383", }, { category: "external", summary: "SUSE Bug 1232384 for CVE-2024-49974", url: "https://bugzilla.suse.com/1232384", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49974", }, { cve: "CVE-2024-49975", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49975", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: fix kernel info leak via \"[uprobes]\" vma\n\nxol_add_vma() maps the uninitialized page allocated by __create_xol_area()\ninto userspace. On some architectures (x86) this memory is readable even\nwithout VM_READ, VM_EXEC results in the same pgprot_t as VM_EXEC|VM_READ,\nalthough this doesn't really matter, debugger can read this memory anyway.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49975", url: "https://www.suse.com/security/cve/CVE-2024-49975", }, { category: "external", summary: "SUSE Bug 1232104 for CVE-2024-49975", url: "https://bugzilla.suse.com/1232104", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49975", }, { cve: "CVE-2024-49976", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49976", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/timerlat: Drop interface_lock in stop_kthread()\n\nstop_kthread() is the offline callback for \"trace/osnoise:online\", since\ncommit 5bfbcd1ee57b (\"tracing/timerlat: Add interface_lock around clearing\nof kthread in stop_kthread()\"), the following ABBA deadlock scenario is\nintroduced:\n\nT1 | T2 [BP] | T3 [AP]\nosnoise_hotplug_workfn() | work_for_cpu_fn() | cpuhp_thread_fun()\n | _cpu_down() | osnoise_cpu_die()\n mutex_lock(&interface_lock) | | stop_kthread()\n | cpus_write_lock() | mutex_lock(&interface_lock)\n cpus_read_lock() | cpuhp_kick_ap() |\n\nAs the interface_lock here in just for protecting the \"kthread\" field of\nthe osn_var, use xchg() instead to fix this issue. Also use\nfor_each_online_cpu() back in stop_per_cpu_kthreads() as it can take\ncpu_read_lock() again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49976", url: "https://www.suse.com/security/cve/CVE-2024-49976", }, { category: "external", summary: "SUSE Bug 1232103 for CVE-2024-49976", url: "https://bugzilla.suse.com/1232103", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49976", }, { cve: "CVE-2024-49977", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49977", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Fix zero-division error when disabling tc cbs\n\nThe commit b8c43360f6e4 (\"net: stmmac: No need to calculate speed divider\nwhen offload is disabled\") allows the \"port_transmit_rate_kbps\" to be\nset to a value of 0, which is then passed to the \"div_s64\" function when\ntc-cbs is disabled. This leads to a zero-division error.\n\nWhen tc-cbs is disabled, the idleslope, sendslope, and credit values the\ncredit values are not required to be configured. Therefore, adding a return\nstatement after setting the txQ mode to DCB when tc-cbs is disabled would\nprevent a zero-division error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49977", url: "https://www.suse.com/security/cve/CVE-2024-49977", }, { category: "external", summary: "SUSE Bug 1232102 for CVE-2024-49977", url: "https://bugzilla.suse.com/1232102", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49977", }, { cve: "CVE-2024-49978", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49978", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngso: fix udp gso fraglist segmentation after pull from frag_list\n\nDetect gso fraglist skbs with corrupted geometry (see below) and\npass these to skb_segment instead of skb_segment_list, as the first\ncan segment them correctly.\n\nValid SKB_GSO_FRAGLIST skbs\n- consist of two or more segments\n- the head_skb holds the protocol headers plus first gso_size\n- one or more frag_list skbs hold exactly one segment\n- all but the last must be gso_size\n\nOptional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can\nmodify these skbs, breaking these invariants.\n\nIn extreme cases they pull all data into skb linear. For UDP, this\ncauses a NULL ptr deref in __udpv4_gso_segment_list_csum at\nudp_hdr(seg->next)->dest.\n\nDetect invalid geometry due to pull, by checking head_skb size.\nDon't just drop, as this may blackhole a destination. Convert to be\nable to pass to regular skb_segment.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49978", url: "https://www.suse.com/security/cve/CVE-2024-49978", }, { category: "external", summary: "SUSE Bug 1232101 for CVE-2024-49978", url: "https://bugzilla.suse.com/1232101", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49978", }, { cve: "CVE-2024-49979", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49979", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix tcp fraglist segmentation after pull from frag_list\n\nDetect tcp gso fraglist skbs with corrupted geometry (see below) and\npass these to skb_segment instead of skb_segment_list, as the first\ncan segment them correctly.\n\nValid SKB_GSO_FRAGLIST skbs\n- consist of two or more segments\n- the head_skb holds the protocol headers plus first gso_size\n- one or more frag_list skbs hold exactly one segment\n- all but the last must be gso_size\n\nOptional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can\nmodify these skbs, breaking these invariants.\n\nIn extreme cases they pull all data into skb linear. For TCP, this\ncauses a NULL ptr deref in __tcpv4_gso_segment_list_csum at\ntcp_hdr(seg->next).\n\nDetect invalid geometry due to pull, by checking head_skb size.\nDon't just drop, as this may blackhole a destination. Convert to be\nable to pass to regular skb_segment.\n\nApproach and description based on a patch by Willem de Bruijn.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49979", url: "https://www.suse.com/security/cve/CVE-2024-49979", }, { category: "external", summary: "SUSE Bug 1232100 for CVE-2024-49979", url: "https://bugzilla.suse.com/1232100", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49979", }, { cve: "CVE-2024-49980", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49980", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: revert \"vrf: Remove unnecessary RCU-bh critical section\"\n\nThis reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853.\n\ndev_queue_xmit_nit is expected to be called with BH disabled.\n__dev_queue_xmit has the following:\n\n /* Disable soft irqs for various locks below. Also\n * stops preemption for RCU.\n */\n rcu_read_lock_bh();\n\nVRF must follow this invariant. The referenced commit removed this\nprotection. Which triggered a lockdep warning:\n\n\t================================\n\tWARNING: inconsistent lock state\n\t6.11.0 #1 Tainted: G W\n\t--------------------------------\n\tinconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.\n\tbtserver/134819 [HC0[0]:SC0[0]:HE1:SE1] takes:\n\tffff8882da30c118 (rlock-AF_PACKET){+.?.}-{2:2}, at: tpacket_rcv+0x863/0x3b30\n\t{IN-SOFTIRQ-W} state was registered at:\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t packet_rcv+0xa33/0x1320\n\t __netif_receive_skb_core.constprop.0+0xcb0/0x3a90\n\t __netif_receive_skb_list_core+0x2c9/0x890\n\t netif_receive_skb_list_internal+0x610/0xcc0\n [...]\n\n\tother info that might help us debug this:\n\t Possible unsafe locking scenario:\n\n\t CPU0\n\t ----\n\t lock(rlock-AF_PACKET);\n\t <Interrupt>\n\t lock(rlock-AF_PACKET);\n\n\t *** DEADLOCK ***\n\n\tCall Trace:\n\t <TASK>\n\t dump_stack_lvl+0x73/0xa0\n\t mark_lock+0x102e/0x16b0\n\t __lock_acquire+0x9ae/0x6170\n\t lock_acquire+0x19a/0x4f0\n\t _raw_spin_lock+0x27/0x40\n\t tpacket_rcv+0x863/0x3b30\n\t dev_queue_xmit_nit+0x709/0xa40\n\t vrf_finish_direct+0x26e/0x340 [vrf]\n\t vrf_l3_out+0x5f4/0xe80 [vrf]\n\t __ip_local_out+0x51e/0x7a0\n [...]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49980", url: "https://www.suse.com/security/cve/CVE-2024-49980", }, { category: "external", summary: "SUSE Bug 1232099 for CVE-2024-49980", url: "https://bugzilla.suse.com/1232099", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49980", }, { cve: "CVE-2024-49981", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49981", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: fix use after free bug in venus_remove due to race condition\n\nin venus_probe, core->work is bound with venus_sys_error_handler, which is\nused to handle error. The code use core->sys_err_done to make sync work.\nThe core->work is started in venus_event_notify.\n\nIf we call venus_remove, there might be an unfished work. The possible\nsequence is as follows:\n\nCPU0 CPU1\n\n |venus_sys_error_handler\nvenus_remove |\nhfi_destroy\t \t\t |\nvenus_hfi_destroy\t |\nkfree(hdev);\t |\n |hfi_reinit\n\t\t\t\t\t |venus_hfi_queues_reinit\n |//use hdev\n\nFix it by canceling the work in venus_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49981", url: "https://www.suse.com/security/cve/CVE-2024-49981", }, { category: "external", summary: "SUSE Bug 1232098 for CVE-2024-49981", url: "https://bugzilla.suse.com/1232098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49981", }, { cve: "CVE-2024-49982", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49982", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in more places\n\nFor fixing CVE-2023-6270, f98364e92662 (\"aoe: fix the potential\nuse-after-free problem in aoecmd_cfg_pkts\") makes tx() calling dev_put()\ninstead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs\ninto use-after-free.\n\nThen Nicolai Stange found more places in aoe have potential use-after-free\nproblem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe()\nand aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push\npacket to tx queue. So they should also use dev_hold() to increase the\nrefcnt of skb->dev.\n\nOn the other hand, moving dev_put() to tx() causes that the refcnt of\nskb->dev be reduced to a negative value, because corresponding\ndev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(),\nprobe(), and aoecmd_cfg_rsp(). This patch fixed this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49982", url: "https://www.suse.com/security/cve/CVE-2024-49982", }, { category: "external", summary: "SUSE Bug 1232097 for CVE-2024-49982", url: "https://bugzilla.suse.com/1232097", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49982", }, { cve: "CVE-2024-49983", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49983", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free\n\nWhen calling ext4_force_split_extent_at() in ext4_ext_replay_update_ex(),\nthe 'ppath' is updated but it is the 'path' that is freed, thus potentially\ntriggering a double-free in the following process:\n\next4_ext_replay_update_ex\n ppath = path\n ext4_force_split_extent_at(&ppath)\n ext4_split_extent_at\n ext4_ext_insert_extent\n ext4_ext_create_new_leaf\n ext4_ext_grow_indepth\n ext4_find_extent\n if (depth > path[0].p_maxdepth)\n kfree(path) ---> path First freed\n *orig_path = path = NULL ---> null ppath\n kfree(path) ---> path double-free !!!\n\nSo drop the unnecessary ppath and use path directly to avoid this problem.\nAnd use ext4_find_extent() directly to update path, avoiding unnecessary\nmemory allocation and freeing. Also, propagate the error returned by\next4_find_extent() instead of using strange error codes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49983", url: "https://www.suse.com/security/cve/CVE-2024-49983", }, { category: "external", summary: "SUSE Bug 1232096 for CVE-2024-49983", url: "https://bugzilla.suse.com/1232096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49983", }, { cve: "CVE-2024-49984", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49984", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Prevent out of bounds access in performance query extensions\n\nCheck that the number of perfmons userspace is passing in the copy and\nreset extensions is not greater than the internal kernel storage where\nthe ids will be copied into.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49984", url: "https://www.suse.com/security/cve/CVE-2024-49984", }, { category: "external", summary: "SUSE Bug 1232095 for CVE-2024-49984", url: "https://bugzilla.suse.com/1232095", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49984", }, { cve: "CVE-2024-49985", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49985", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume\n\nIn case there is any sort of clock controller attached to this I2C bus\ncontroller, for example Versaclock or even an AIC32x4 I2C codec, then\nan I2C transfer triggered from the clock controller clk_ops .prepare\ncallback may trigger a deadlock on drivers/clk/clk.c prepare_lock mutex.\n\nThis is because the clock controller first grabs the prepare_lock mutex\nand then performs the prepare operation, including its I2C access. The\nI2C access resumes this I2C bus controller via .runtime_resume callback,\nwhich calls clk_prepare_enable(), which attempts to grab the prepare_lock\nmutex again and deadlocks.\n\nSince the clock are already prepared since probe() and unprepared in\nremove(), use simple clk_enable()/clk_disable() calls to enable and\ndisable the clock on runtime suspend and resume, to avoid hitting the\nprepare_lock mutex.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49985", url: "https://www.suse.com/security/cve/CVE-2024-49985", }, { category: "external", summary: "SUSE Bug 1232094 for CVE-2024-49985", url: "https://bugzilla.suse.com/1232094", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49985", }, { cve: "CVE-2024-49986", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49986", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors\n\nx86_android_tablet_remove() frees the pdevs[] array, so it should not\nbe used after calling x86_android_tablet_remove().\n\nWhen platform_device_register() fails, store the pdevs[x] PTR_ERR() value\ninto the local ret variable before calling x86_android_tablet_remove()\nto avoid using pdevs[] after it has been freed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49986", url: "https://www.suse.com/security/cve/CVE-2024-49986", }, { category: "external", summary: "SUSE Bug 1232093 for CVE-2024-49986", url: "https://bugzilla.suse.com/1232093", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49986", }, { cve: "CVE-2024-49987", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49987", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpftool: Fix undefined behavior in qsort(NULL, 0, ...)\n\nWhen netfilter has no entry to display, qsort is called with\nqsort(NULL, 0, ...). This results in undefined behavior, as UBSan\nreports:\n\nnet.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null\n\nAlthough the C standard does not explicitly state whether calling qsort\nwith a NULL pointer when the size is 0 constitutes undefined behavior,\nSection 7.1.4 of the C standard (Use of library functions) mentions:\n\n\"Each of the following statements applies unless explicitly stated\notherwise in the detailed descriptions that follow: If an argument to a\nfunction has an invalid value (such as a value outside the domain of\nthe function, or a pointer outside the address space of the program, or\na null pointer, or a pointer to non-modifiable storage when the\ncorresponding parameter is not const-qualified) or a type (after\npromotion) not expected by a function with variable number of\narguments, the behavior is undefined.\"\n\nTo avoid this, add an early return when nf_link_info is NULL to prevent\ncalling qsort with a NULL pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49987", url: "https://www.suse.com/security/cve/CVE-2024-49987", }, { category: "external", summary: "SUSE Bug 1232258 for CVE-2024-49987", url: "https://bugzilla.suse.com/1232258", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49987", }, { cve: "CVE-2024-49988", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49988", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: add refcnt to ksmbd_conn struct\n\nWhen sending an oplock break request, opinfo->conn is used,\nBut freed ->conn can be used on multichannel.\nThis patch add a reference count to the ksmbd_conn struct\nso that it can be freed when it is no longer used.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49988", url: "https://www.suse.com/security/cve/CVE-2024-49988", }, { category: "external", summary: "SUSE Bug 1232482 for CVE-2024-49988", url: "https://bugzilla.suse.com/1232482", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49988", }, { cve: "CVE-2024-49989", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49989", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix double free issue during amdgpu module unload\n\nFlexible endpoints use DIGs from available inflexible endpoints,\nso only the encoders of inflexible links need to be freed.\nOtherwise, a double free issue may occur when unloading the\namdgpu module.\n\n[ 279.190523] RIP: 0010:__slab_free+0x152/0x2f0\n[ 279.190577] Call Trace:\n[ 279.190580] <TASK>\n[ 279.190582] ? show_regs+0x69/0x80\n[ 279.190590] ? die+0x3b/0x90\n[ 279.190595] ? do_trap+0xc8/0xe0\n[ 279.190601] ? do_error_trap+0x73/0xa0\n[ 279.190605] ? __slab_free+0x152/0x2f0\n[ 279.190609] ? exc_invalid_op+0x56/0x70\n[ 279.190616] ? __slab_free+0x152/0x2f0\n[ 279.190642] ? asm_exc_invalid_op+0x1f/0x30\n[ 279.190648] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu]\n[ 279.191096] ? __slab_free+0x152/0x2f0\n[ 279.191102] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu]\n[ 279.191469] kfree+0x260/0x2b0\n[ 279.191474] dcn10_link_encoder_destroy+0x19/0x30 [amdgpu]\n[ 279.191821] link_destroy+0xd7/0x130 [amdgpu]\n[ 279.192248] dc_destruct+0x90/0x270 [amdgpu]\n[ 279.192666] dc_destroy+0x19/0x40 [amdgpu]\n[ 279.193020] amdgpu_dm_fini+0x16e/0x200 [amdgpu]\n[ 279.193432] dm_hw_fini+0x26/0x40 [amdgpu]\n[ 279.193795] amdgpu_device_fini_hw+0x24c/0x400 [amdgpu]\n[ 279.194108] amdgpu_driver_unload_kms+0x4f/0x70 [amdgpu]\n[ 279.194436] amdgpu_pci_remove+0x40/0x80 [amdgpu]\n[ 279.194632] pci_device_remove+0x3a/0xa0\n[ 279.194638] device_remove+0x40/0x70\n[ 279.194642] device_release_driver_internal+0x1ad/0x210\n[ 279.194647] driver_detach+0x4e/0xa0\n[ 279.194650] bus_remove_driver+0x6f/0xf0\n[ 279.194653] driver_unregister+0x33/0x60\n[ 279.194657] pci_unregister_driver+0x44/0x90\n[ 279.194662] amdgpu_exit+0x19/0x1f0 [amdgpu]\n[ 279.194939] __do_sys_delete_module.isra.0+0x198/0x2f0\n[ 279.194946] __x64_sys_delete_module+0x16/0x20\n[ 279.194950] do_syscall_64+0x58/0x120\n[ 279.194954] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[ 279.194980] </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49989", url: "https://www.suse.com/security/cve/CVE-2024-49989", }, { category: "external", summary: "SUSE Bug 1232483 for CVE-2024-49989", url: "https://bugzilla.suse.com/1232483", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49989", }, { cve: "CVE-2024-49990", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49990", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/hdcp: Check GSC structure validity\n\nSometimes xe_gsc is not initialized when checked at HDCP capability\ncheck. Add gsc structure check to avoid null pointer error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49990", url: "https://www.suse.com/security/cve/CVE-2024-49990", }, { category: "external", summary: "SUSE Bug 1232484 for CVE-2024-49990", url: "https://bugzilla.suse.com/1232484", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49990", }, { cve: "CVE-2024-49991", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49991", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer\n\nPass pointer reference to amdgpu_bo_unref to clear the correct pointer,\notherwise amdgpu_bo_unref clear the local variable, the original pointer\nnot set to NULL, this could cause use-after-free bug.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49991", url: "https://www.suse.com/security/cve/CVE-2024-49991", }, { category: "external", summary: "SUSE Bug 1232282 for CVE-2024-49991", url: "https://bugzilla.suse.com/1232282", }, { category: "external", summary: "SUSE Bug 1232284 for CVE-2024-49991", url: "https://bugzilla.suse.com/1232284", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49991", }, { cve: "CVE-2024-49992", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49992", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/stm: Avoid use-after-free issues with crtc and plane\n\nltdc_load() calls functions drm_crtc_init_with_planes(),\ndrm_universal_plane_init() and drm_encoder_init(). These functions\nshould not be called with parameters allocated with devm_kzalloc()\nto avoid use-after-free issues [1].\n\nUse allocations managed by the DRM framework.\n\nFound by Linux Verification Center (linuxtesting.org).\n\n[1]\nhttps://lore.kernel.org/lkml/u366i76e3qhh3ra5oxrtngjtm2u5lterkekcz6y2jkndhuxzli@diujon4h7qwb/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49992", url: "https://www.suse.com/security/cve/CVE-2024-49992", }, { category: "external", summary: "SUSE Bug 1232430 for CVE-2024-49992", url: "https://bugzilla.suse.com/1232430", }, { category: "external", summary: "SUSE Bug 1232431 for CVE-2024-49992", url: "https://bugzilla.suse.com/1232431", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-49992", }, { cve: "CVE-2024-49994", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49994", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49994", url: "https://www.suse.com/security/cve/CVE-2024-49994", }, { category: "external", summary: "SUSE Bug 1237757 for CVE-2024-49994", url: "https://bugzilla.suse.com/1237757", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49994", }, { cve: "CVE-2024-49995", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49995", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: guard against string buffer overrun\n\nSmatch reports that copying media_name and if_name to name_parts may\noverwrite the destination.\n\n .../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' too large for 'name_parts->media_name' (32 vs 16)\n .../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' too large for 'name_parts->if_name' (1010102 vs 16)\n\nThis does seem to be the case so guard against this possibility by using\nstrscpy() and failing if truncation occurs.\n\nIntroduced by commit b97bf3fd8f6a (\"[TIPC] Initial merge\")\n\nCompile tested only.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49995", url: "https://www.suse.com/security/cve/CVE-2024-49995", }, { category: "external", summary: "SUSE Bug 1232432 for CVE-2024-49995", url: "https://bugzilla.suse.com/1232432", }, { category: "external", summary: "SUSE Bug 1232433 for CVE-2024-49995", url: "https://bugzilla.suse.com/1232433", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49995", }, { cve: "CVE-2024-49996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49996", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix buffer overflow when parsing NFS reparse points\n\nReparseDataLength is sum of the InodeType size and DataBuffer size.\nSo to get DataBuffer size it is needed to subtract InodeType's size from\nReparseDataLength.\n\nFunction cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer\nat position after the end of the buffer because it does not subtract\nInodeType size from the length. Fix this problem and correctly subtract\nvariable len.\n\nMember InodeType is present only when reparse buffer is large enough. Check\nfor ReparseDataLength before accessing InodeType to prevent another invalid\nmemory access.\n\nMajor and minor rdev values are present also only when reparse buffer is\nlarge enough. Check for reparse buffer size before calling reparse_mkdev().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49996", url: "https://www.suse.com/security/cve/CVE-2024-49996", }, { category: "external", summary: "SUSE Bug 1232089 for CVE-2024-49996", url: "https://bugzilla.suse.com/1232089", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49996", }, { cve: "CVE-2024-49997", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49997", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: lantiq_etop: fix memory disclosure\n\nWhen applying padding, the buffer is not zeroed, which results in memory\ndisclosure. The mentioned data is observed on the wire. This patch uses\nskb_put_padto() to pad Ethernet frames properly. The mentioned function\nzeroes the expanded buffer.\n\nIn case the packet cannot be padded it is silently dropped. Statistics\nare also not incremented. This driver does not support statistics in the\nold 32-bit format or the new 64-bit format. These will be added in the\nfuture. In its current form, the patch should be easily backported to\nstable versions.\n\nEthernet MACs on Amazon-SE and Danube cannot do padding of the packets\nin hardware, so software padding must be applied.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49997", url: "https://www.suse.com/security/cve/CVE-2024-49997", }, { category: "external", summary: "SUSE Bug 1232088 for CVE-2024-49997", url: "https://bugzilla.suse.com/1232088", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49997", }, { cve: "CVE-2024-49998", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49998", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: improve shutdown sequence\n\nAlexander Sverdlin presents 2 problems during shutdown with the\nlan9303 driver. One is specific to lan9303 and the other just happens\nto reproduce there.\n\nThe first problem is that lan9303 is unique among DSA drivers in that it\ncalls dev_get_drvdata() at \"arbitrary runtime\" (not probe, not shutdown,\nnot remove):\n\nphy_state_machine()\n-> ...\n -> dsa_user_phy_read()\n -> ds->ops->phy_read()\n -> lan9303_phy_read()\n -> chip->ops->phy_read()\n -> lan9303_mdio_phy_read()\n -> dev_get_drvdata()\n\nBut we never stop the phy_state_machine(), so it may continue to run\nafter dsa_switch_shutdown(). Our common pattern in all DSA drivers is\nto set drvdata to NULL to suppress the remove() method that may come\nafterwards. But in this case it will result in an NPD.\n\nThe second problem is that the way in which we set\ndp->conduit->dsa_ptr = NULL; is concurrent with receive packet\nprocessing. dsa_switch_rcv() checks once whether dev->dsa_ptr is NULL,\nbut afterwards, rather than continuing to use that non-NULL value,\ndev->dsa_ptr is dereferenced again and again without NULL checks:\ndsa_conduit_find_user() and many other places. In between dereferences,\nthere is no locking to ensure that what was valid once continues to be\nvalid.\n\nBoth problems have the common aspect that closing the conduit interface\nsolves them.\n\nIn the first case, dev_close(conduit) triggers the NETDEV_GOING_DOWN\nevent in dsa_user_netdevice_event() which closes user ports as well.\ndsa_port_disable_rt() calls phylink_stop(), which synchronously stops\nthe phylink state machine, and ds->ops->phy_read() will thus no longer\ncall into the driver after this point.\n\nIn the second case, dev_close(conduit) should do this, as per\nDocumentation/networking/driver.rst:\n\n| Quiescence\n| ----------\n|\n| After the ndo_stop routine has been called, the hardware must\n| not receive or transmit any data. All in flight packets must\n| be aborted. If necessary, poll or wait for completion of\n| any reset commands.\n\nSo it should be sufficient to ensure that later, when we zeroize\nconduit->dsa_ptr, there will be no concurrent dsa_switch_rcv() call\non this conduit.\n\nThe addition of the netif_device_detach() function is to ensure that\nioctls, rtnetlinks and ethtool requests on the user ports no longer\npropagate down to the driver - we're no longer prepared to handle them.\n\nThe race condition actually did not exist when commit 0650bf52b31f\n(\"net: dsa: be compatible with masters which unregister on shutdown\")\nfirst introduced dsa_switch_shutdown(). It was created later, when we\nstopped unregistering the user interfaces from a bad spot, and we just\nreplaced that sequence with a racy zeroization of conduit->dsa_ptr\n(one which doesn't ensure that the interfaces aren't up).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49998", url: "https://www.suse.com/security/cve/CVE-2024-49998", }, { category: "external", summary: "SUSE Bug 1232087 for CVE-2024-49998", url: "https://bugzilla.suse.com/1232087", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49998", }, { cve: "CVE-2024-49999", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49999", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix the setting of the server responding flag\n\nIn afs_wait_for_operation(), we set transcribe the call responded flag to\nthe server record that we used after doing the fileserver iteration loop -\nbut it's possible to exit the loop having had a response from the server\nthat we've discarded (e.g. it returned an abort or we started receiving\ndata, but the call didn't complete).\n\nThis means that op->server might be NULL, but we don't check that before\nattempting to set the server flag.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49999", url: "https://www.suse.com/security/cve/CVE-2024-49999", }, { category: "external", summary: "SUSE Bug 1232086 for CVE-2024-49999", url: "https://bugzilla.suse.com/1232086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-49999", }, { cve: "CVE-2024-50000", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50000", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc()\n\nIn mlx5e_tir_builder_alloc() kvzalloc() may return NULL\nwhich is dereferenced on the next line in a reference\nto the modify field.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50000", url: "https://www.suse.com/security/cve/CVE-2024-50000", }, { category: "external", summary: "SUSE Bug 1232085 for CVE-2024-50000", url: "https://bugzilla.suse.com/1232085", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50000", }, { cve: "CVE-2024-50001", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50001", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix error path in multi-packet WQE transmit\n\nRemove the erroneous unmap in case no DMA mapping was established\n\nThe multi-packet WQE transmit code attempts to obtain a DMA mapping for\nthe skb. This could fail, e.g. under memory pressure, when the IOMMU\ndriver just can't allocate more memory for page tables. While the code\ntries to handle this in the path below the err_unmap label it erroneously\nunmaps one entry from the sq's FIFO list of active mappings. Since the\ncurrent map attempt failed this unmap is removing some random DMA mapping\nthat might still be required. If the PCI function now presents that IOVA,\nthe IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI\nfunction in error state.\n\nThe erroneous behavior was seen in a stress-test environment that created\nmemory pressure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50001", url: "https://www.suse.com/security/cve/CVE-2024-50001", }, { category: "external", summary: "SUSE Bug 1232084 for CVE-2024-50001", url: "https://bugzilla.suse.com/1232084", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50001", }, { cve: "CVE-2024-50002", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50002", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nstatic_call: Handle module init failure correctly in static_call_del_module()\n\nModule insertion invokes static_call_add_module() to initialize the static\ncalls in a module. static_call_add_module() invokes __static_call_init(),\nwhich allocates a struct static_call_mod to either encapsulate the built-in\nstatic call sites of the associated key into it so further modules can be\nadded or to append the module to the module chain.\n\nIf that allocation fails the function returns with an error code and the\nmodule core invokes static_call_del_module() to clean up eventually added\nstatic_call_mod entries.\n\nThis works correctly, when all keys used by the module were converted over\nto a module chain before the failure. If not then static_call_del_module()\ncauses a #GP as it blindly assumes that key::mods points to a valid struct\nstatic_call_mod.\n\nThe problem is that key::mods is not a individual struct member of struct\nstatic_call_key, it's part of a union to save space:\n\n union {\n /* bit 0: 0 = mods, 1 = sites */\n unsigned long type;\n struct static_call_mod *mods;\n struct static_call_site *sites;\n\t};\n\nkey::sites is a pointer to the list of built-in usage sites of the static\ncall. The type of the pointer is differentiated by bit 0. A mods pointer\nhas the bit clear, the sites pointer has the bit set.\n\nAs static_call_del_module() blidly assumes that the pointer is a valid\nstatic_call_mod type, it fails to check for this failure case and\ndereferences the pointer to the list of built-in call sites, which is\nobviously bogus.\n\nCure it by checking whether the key has a sites or a mods pointer.\n\nIf it's a sites pointer then the key is not to be touched. As the sites are\nwalked in the same order as in __static_call_init() the site walk can be\nterminated because all subsequent sites have not been touched by the init\ncode due to the error exit.\n\nIf it was converted before the allocation fail, then the inner loop which\nsearches for a module match will find nothing.\n\nA fail in the second allocation in __static_call_init() is harmless and\ndoes not require special treatment. The first allocation succeeded and\nconverted the key to a module chain. That first entry has mod::mod == NULL\nand mod::next == NULL, so the inner loop of static_call_del_module() will\nneither find a module match nor a module chain. The next site in the walk\nwas either already converted, but can't match the module, or it will exit\nthe outer loop because it has a static_call_site pointer and not a\nstatic_call_mod pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50002", url: "https://www.suse.com/security/cve/CVE-2024-50002", }, { category: "external", summary: "SUSE Bug 1232083 for CVE-2024-50002", url: "https://bugzilla.suse.com/1232083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50002", }, { cve: "CVE-2024-50003", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50003", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix system hang while resume with TBT monitor\n\n[Why]\nConnected with a Thunderbolt monitor and do the suspend and the system\nmay hang while resume.\n\nThe TBT monitor HPD will be triggered during the resume procedure\nand call the drm_client_modeset_probe() while\nstruct drm_connector connector->dev->master is NULL.\n\nIt will mess up the pipe topology after resume.\n\n[How]\nSkip the TBT monitor HPD during the resume procedure because we\ncurrently will probe the connectors after resume by default.\n\n(cherry picked from commit 453f86a26945207a16b8f66aaed5962dc2b95b85)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50003", url: "https://www.suse.com/security/cve/CVE-2024-50003", }, { category: "external", summary: "SUSE Bug 1232385 for CVE-2024-50003", url: "https://bugzilla.suse.com/1232385", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50003", }, { cve: "CVE-2024-50004", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50004", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35\n\n[WHY & HOW]\nMismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause\ngrey screen and system hang. Remove EnhancedPrefetchScheduleAccelerationFinal value override\nto match HW spec.\n\n(cherry picked from commit 9dad21f910fcea2bdcff4af46159101d7f9cd8ba)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50004", url: "https://www.suse.com/security/cve/CVE-2024-50004", }, { category: "external", summary: "SUSE Bug 1232396 for CVE-2024-50004", url: "https://bugzilla.suse.com/1232396", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50004", }, { cve: "CVE-2024-50005", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50005", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: Fix potential RCU dereference issue in mac802154_scan_worker\n\nIn the `mac802154_scan_worker` function, the `scan_req->type` field was\naccessed after the RCU read-side critical section was unlocked. According\nto RCU usage rules, this is illegal and can lead to unpredictable\nbehavior, such as accessing memory that has been updated or causing\nuse-after-free issues.\n\nThis possible bug was identified using a static analysis tool developed\nby myself, specifically designed to detect RCU-related issues.\n\nTo address this, the `scan_req->type` value is now stored in a local\nvariable `scan_req_type` while still within the RCU read-side critical\nsection. The `scan_req_type` is then used after the RCU lock is released,\nensuring that the type value is safely accessed without violating RCU\nrules.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50005", url: "https://www.suse.com/security/cve/CVE-2024-50005", }, { category: "external", summary: "SUSE Bug 1232082 for CVE-2024-50005", url: "https://bugzilla.suse.com/1232082", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50005", }, { cve: "CVE-2024-50006", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50006", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix i_data_sem unlock order in ext4_ind_migrate()\n\nFuzzing reports a possible deadlock in jbd2_log_wait_commit.\n\nThis issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require\nsynchronous updates because the file descriptor is opened with O_SYNC.\nThis can lead to the jbd2_journal_stop() function calling\njbd2_might_wait_for_commit(), potentially causing a deadlock if the\nEXT4_IOC_MIGRATE call races with a write(2) system call.\n\nThis problem only arises when CONFIG_PROVE_LOCKING is enabled. In this\ncase, the jbd2_might_wait_for_commit macro locks jbd2_handle in the\njbd2_journal_stop function while i_data_sem is locked. This triggers\nlockdep because the jbd2_journal_start function might also lock the same\njbd2_handle simultaneously.\n\nFound by Linux Verification Center (linuxtesting.org) with syzkaller.\n\nRule: add", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50006", url: "https://www.suse.com/security/cve/CVE-2024-50006", }, { category: "external", summary: "SUSE Bug 1232442 for CVE-2024-50006", url: "https://bugzilla.suse.com/1232442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50006", }, { cve: "CVE-2024-50007", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50007", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: asihpi: Fix potential OOB array access\n\nASIHPI driver stores some values in the static array upon a response\nfrom the driver, and its index depends on the firmware. We shouldn't\ntrust it blindly.\n\nThis patch adds a sanity check of the array index to fit in the array\nsize.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50007", url: "https://www.suse.com/security/cve/CVE-2024-50007", }, { category: "external", summary: "SUSE Bug 1232394 for CVE-2024-50007", url: "https://bugzilla.suse.com/1232394", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50007", }, { cve: "CVE-2024-50008", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50008", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext()\n\nReplace one-element array with a flexible-array member in\n`struct host_cmd_ds_802_11_scan_ext`.\n\nWith this, fix the following warning:\n\nelo 16 17:51:58 surfacebook kernel: ------------[ cut here ]------------\nelo 16 17:51:58 surfacebook kernel: memcpy: detected field-spanning write (size 243) of single field \"ext_scan->tlv_buffer\" at drivers/net/wireless/marvell/mwifiex/scan.c:2239 (size 1)\nelo 16 17:51:58 surfacebook kernel: WARNING: CPU: 0 PID: 498 at drivers/net/wireless/marvell/mwifiex/scan.c:2239 mwifiex_cmd_802_11_scan_ext+0x83/0x90 [mwifiex]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50008", url: "https://www.suse.com/security/cve/CVE-2024-50008", }, { category: "external", summary: "SUSE Bug 1232317 for CVE-2024-50008", url: "https://bugzilla.suse.com/1232317", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-50008", }, { cve: "CVE-2024-50009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50009", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: amd-pstate: add check for cpufreq_cpu_get's return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50009", url: "https://www.suse.com/security/cve/CVE-2024-50009", }, { category: "external", summary: "SUSE Bug 1232318 for CVE-2024-50009", url: "https://bugzilla.suse.com/1232318", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50009", }, { cve: "CVE-2024-50010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50010", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nexec: don't WARN for racy path_noexec check\n\nBoth i_mode and noexec checks wrapped in WARN_ON stem from an artifact\nof the previous implementation. They used to legitimately check for the\ncondition, but that got moved up in two commits:\n633fb6ac3980 (\"exec: move S_ISREG() check earlier\")\n0fd338b2d2cd (\"exec: move path_noexec() check earlier\")\n\nInstead of being removed said checks are WARN_ON'ed instead, which\nhas some debug value.\n\nHowever, the spurious path_noexec check is racy, resulting in\nunwarranted warnings should someone race with setting the noexec flag.\n\nOne can note there is more to perm-checking whether execve is allowed\nand none of the conditions are guaranteed to still hold after they were\ntested for.\n\nAdditionally this does not validate whether the code path did any perm\nchecking to begin with -- it will pass if the inode happens to be\nregular.\n\nKeep the redundant path_noexec() check even though it's mindless\nnonsense checking for guarantee that isn't given so drop the WARN.\n\nReword the commentary and do small tidy ups while here.\n\n[brauner: keep redundant path_noexec() check]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50010", url: "https://www.suse.com/security/cve/CVE-2024-50010", }, { category: "external", summary: "SUSE Bug 1232388 for CVE-2024-50010", url: "https://bugzilla.suse.com/1232388", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50010", }, { cve: "CVE-2024-50011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50011", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item\n\nThere is no links_num in struct snd_soc_acpi_mach {}, and we test\n!link->num_adr as a condition to end the loop in hda_sdw_machine_select().\nSo an empty item in struct snd_soc_acpi_link_adr array is required.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50011", url: "https://www.suse.com/security/cve/CVE-2024-50011", }, { category: "external", summary: "SUSE Bug 1232081 for CVE-2024-50011", url: "https://bugzilla.suse.com/1232081", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50011", }, { cve: "CVE-2024-50012", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50012", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: Avoid a bad reference count on CPU node\n\nIn the parse_perf_domain function, if the call to\nof_parse_phandle_with_args returns an error, then the reference to the\nCPU device node that was acquired at the start of the function would not\nbe properly decremented.\n\nAddress this by declaring the variable with the __free(device_node)\ncleanup attribute.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50012", url: "https://www.suse.com/security/cve/CVE-2024-50012", }, { category: "external", summary: "SUSE Bug 1232386 for CVE-2024-50012", url: "https://bugzilla.suse.com/1232386", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50012", }, { cve: "CVE-2024-50013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50013", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix memory leak in exfat_load_bitmap()\n\nIf the first directory entry in the root directory is not a bitmap\ndirectory entry, 'bh' will not be released and reassigned, which\nwill cause a memory leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50013", url: "https://www.suse.com/security/cve/CVE-2024-50013", }, { category: "external", summary: "SUSE Bug 1232080 for CVE-2024-50013", url: "https://bugzilla.suse.com/1232080", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50013", }, { cve: "CVE-2024-50014", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50014", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix access to uninitialised lock in fc replay path\n\nThe following kernel trace can be triggered with fstest generic/629 when\nexecuted against a filesystem with fast-commit feature enabled:\n\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn't initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014\nCall Trace:\n <TASK>\n dump_stack_lvl+0x66/0x90\n register_lock_class+0x759/0x7d0\n __lock_acquire+0x85/0x2630\n ? __find_get_block+0xb4/0x380\n lock_acquire+0xd1/0x2d0\n ? __ext4_journal_get_write_access+0xd5/0x160\n _raw_spin_lock+0x33/0x40\n ? __ext4_journal_get_write_access+0xd5/0x160\n __ext4_journal_get_write_access+0xd5/0x160\n ext4_reserve_inode_write+0x61/0xb0\n __ext4_mark_inode_dirty+0x79/0x270\n ? ext4_ext_replay_set_iblocks+0x2f8/0x450\n ext4_ext_replay_set_iblocks+0x330/0x450\n ext4_fc_replay+0x14c8/0x1540\n ? jread+0x88/0x2e0\n ? rcu_is_watching+0x11/0x40\n do_one_pass+0x447/0xd00\n jbd2_journal_recover+0x139/0x1b0\n jbd2_journal_load+0x96/0x390\n ext4_load_and_init_journal+0x253/0xd40\n ext4_fill_super+0x2cc6/0x3180\n...\n\nIn the replay path there's an attempt to lock sbi->s_bdev_wb_lock in\nfunction ext4_check_bdev_write_error(). Unfortunately, at this point this\nspinlock has not been initialized yet. Moving it's initialization to an\nearlier point in __ext4_fill_super() fixes this splat.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50014", url: "https://www.suse.com/security/cve/CVE-2024-50014", }, { category: "external", summary: "SUSE Bug 1232446 for CVE-2024-50014", url: "https://bugzilla.suse.com/1232446", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50014", }, { cve: "CVE-2024-50015", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50015", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: dax: fix overflowing extents beyond inode size when partially writing\n\nThe dax_iomap_rw() does two things in each iteration: map written blocks\nand copy user data to blocks. If the process is killed by user(See signal\nhandling in dax_iomap_iter()), the copied data will be returned and added\non inode size, which means that the length of written extents may exceed\nthe inode size, then fsck will fail. An example is given as:\n\ndd if=/dev/urandom of=file bs=4M count=1\n dax_iomap_rw\n iomap_iter // round 1\n ext4_iomap_begin\n ext4_iomap_alloc // allocate 0~2M extents(written flag)\n dax_iomap_iter // copy 2M data\n iomap_iter // round 2\n iomap_iter_advance\n iter->pos += iter->processed // iter->pos = 2M\n ext4_iomap_begin\n ext4_iomap_alloc // allocate 2~4M extents(written flag)\n dax_iomap_iter\n fatal_signal_pending\n done = iter->pos - iocb->ki_pos // done = 2M\n ext4_handle_inode_extension\n ext4_update_inode_size // inode size = 2M\n\nfsck reports: Inode 13, i_size is 2097152, should be 4194304. Fix?\n\nFix the problem by truncating extents if the written length is smaller\nthan expected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50015", url: "https://www.suse.com/security/cve/CVE-2024-50015", }, { category: "external", summary: "SUSE Bug 1232079 for CVE-2024-50015", url: "https://bugzilla.suse.com/1232079", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50015", }, { cve: "CVE-2024-50016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50016", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid overflow assignment in link_dp_cts\n\nsampling_rate is an uint8_t but is assigned an unsigned int, and thus it\ncan overflow. As a result, sampling_rate is changed to uint32_t.\n\nSimilarly, LINK_QUAL_PATTERN_SET has a size of 2 bits, and it should\nonly be assigned to a value less or equal than 4.\n\nThis fixes 2 INTEGER_OVERFLOW issues reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50016", url: "https://www.suse.com/security/cve/CVE-2024-50016", }, { category: "external", summary: "SUSE Bug 1232420 for CVE-2024-50016", url: "https://bugzilla.suse.com/1232420", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50016", }, { cve: "CVE-2024-50017", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50017", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/ident_map: Use gbpages only where full GB page should be mapped.\n\nWhen ident_pud_init() uses only GB pages to create identity maps, large\nranges of addresses not actually requested can be included in the resulting\ntable; a 4K request will map a full GB. This can include a lot of extra\naddress space past that requested, including areas marked reserved by the\nBIOS. That allows processor speculation into reserved regions, that on UV\nsystems can cause system halts.\n\nOnly use GB pages when map creation requests include the full GB page of\nspace. Fall back to using smaller 2M pages when only portions of a GB page\nare included in the request.\n\nNo attempt is made to coalesce mapping requests. If a request requires a\nmap entry at the 2M (pmd) level, subsequent mapping requests within the\nsame 1G region will also be at the pmd level, even if adjacent or\noverlapping such requests could have been combined to map a full GB page.\nExisting usage starts with larger regions and then adds smaller regions, so\nthis should not have any great consequence.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50017", url: "https://www.suse.com/security/cve/CVE-2024-50017", }, { category: "external", summary: "SUSE Bug 1232312 for CVE-2024-50017", url: "https://bugzilla.suse.com/1232312", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50017", }, { cve: "CVE-2024-50018", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50018", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50018", url: "https://www.suse.com/security/cve/CVE-2024-50018", }, { category: "external", summary: "SUSE Bug 1232419 for CVE-2024-50018", url: "https://bugzilla.suse.com/1232419", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-50018", }, { cve: "CVE-2024-50019", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50019", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nkthread: unpark only parked kthread\n\nCalling into kthread unparking unconditionally is mostly harmless when\nthe kthread is already unparked. The wake up is then simply ignored\nbecause the target is not in TASK_PARKED state.\n\nHowever if the kthread is per CPU, the wake up is preceded by a call\nto kthread_bind() which expects the task to be inactive and in\nTASK_PARKED state, which obviously isn't the case if it is unparked.\n\nAs a result, calling kthread_stop() on an unparked per-cpu kthread\ntriggers such a warning:\n\n\tWARNING: CPU: 0 PID: 11 at kernel/kthread.c:525 __kthread_bind_mask kernel/kthread.c:525\n\t <TASK>\n\t kthread_stop+0x17a/0x630 kernel/kthread.c:707\n\t destroy_workqueue+0x136/0xc40 kernel/workqueue.c:5810\n\t wg_destruct+0x1e2/0x2e0 drivers/net/wireguard/device.c:257\n\t netdev_run_todo+0xe1a/0x1000 net/core/dev.c:10693\n\t default_device_exit_batch+0xa14/0xa90 net/core/dev.c:11769\n\t ops_exit_list net/core/net_namespace.c:178 [inline]\n\t cleanup_net+0x89d/0xcc0 net/core/net_namespace.c:640\n\t process_one_work kernel/workqueue.c:3231 [inline]\n\t process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312\n\t worker_thread+0x86d/0xd70 kernel/workqueue.c:3393\n\t kthread+0x2f0/0x390 kernel/kthread.c:389\n\t ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n\t ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\t </TASK>\n\nFix this with skipping unecessary unparking while stopping a kthread.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50019", url: "https://www.suse.com/security/cve/CVE-2024-50019", }, { category: "external", summary: "SUSE Bug 1231990 for CVE-2024-50019", url: "https://bugzilla.suse.com/1231990", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50019", }, { cve: "CVE-2024-50020", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50020", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count()\n\nThis patch addresses an issue with improper reference count handling in the\nice_sriov_set_msix_vec_count() function.\n\nFirst, the function calls ice_get_vf_by_id(), which increments the\nreference count of the vf pointer. If the subsequent call to\nice_get_vf_vsi() fails, the function currently returns an error without\ndecrementing the reference count of the vf pointer, leading to a reference\ncount leak. The correct behavior, as implemented in this patch, is to\ndecrement the reference count using ice_put_vf(vf) before returning an\nerror when vsi is NULL.\n\nSecond, the function calls ice_sriov_get_irqs(), which sets\nvf->first_vector_idx. If this call returns a negative value, indicating an\nerror, the function returns an error without decrementing the reference\ncount of the vf pointer, resulting in another reference count leak. The\npatch addresses this by adding a call to ice_put_vf(vf) before returning\nan error when vf->first_vector_idx < 0.\n\nThis bug was identified by an experimental static analysis tool developed\nby our team. The tool specializes in analyzing reference count operations\nand identifying potential mismanagement of reference counts. In this case,\nthe tool flagged the missing decrement operation as a potential issue,\nleading to this patch.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50020", url: "https://www.suse.com/security/cve/CVE-2024-50020", }, { category: "external", summary: "SUSE Bug 1231989 for CVE-2024-50020", url: "https://bugzilla.suse.com/1231989", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50020", }, { cve: "CVE-2024-50021", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50021", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix improper handling of refcount in ice_dpll_init_rclk_pins()\n\nThis patch addresses a reference count handling issue in the\nice_dpll_init_rclk_pins() function. The function calls ice_dpll_get_pins(),\nwhich increments the reference count of the relevant resources. However,\nif the condition WARN_ON((!vsi || !vsi->netdev)) is met, the function\ncurrently returns an error without properly releasing the resources\nacquired by ice_dpll_get_pins(), leading to a reference count leak.\n\nTo resolve this, the check has been moved to the top of the function. This\nensures that the function verifies the state before any resources are\nacquired, avoiding the need for additional resource management in the\nerror path.\n\nThis bug was identified by an experimental static analysis tool developed\nby our team. The tool specializes in analyzing reference count operations\nand detecting potential issues where resources are not properly managed.\nIn this case, the tool flagged the missing release operation as a\npotential problem, which led to the development of this patch.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50021", url: "https://www.suse.com/security/cve/CVE-2024-50021", }, { category: "external", summary: "SUSE Bug 1231957 for CVE-2024-50021", url: "https://bugzilla.suse.com/1231957", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50021", }, { cve: "CVE-2024-50022", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50022", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndevice-dax: correct pgoff align in dax_set_mapping()\n\npgoff should be aligned using ALIGN_DOWN() instead of ALIGN(). Otherwise,\nvmf->address not aligned to fault_size will be aligned to the next\nalignment, that can result in memory failure getting the wrong address.\n\nIt's a subtle situation that only can be observed in\npage_mapped_in_vma() after the page is page fault handled by\ndev_dax_huge_fault. Generally, there is little chance to perform\npage_mapped_in_vma in dev-dax's page unless in specific error injection\nto the dax device to trigger an MCE - memory-failure. In that case,\npage_mapped_in_vma() will be triggered to determine which task is\naccessing the failure address and kill that task in the end.\n\n\nWe used self-developed dax device (which is 2M aligned mapping) , to\nperform error injection to random address. It turned out that error\ninjected to non-2M-aligned address was causing endless MCE until panic.\nBecause page_mapped_in_vma() kept resulting wrong address and the task\naccessing the failure address was never killed properly:\n\n\n[ 3783.719419] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3784.049006] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3784.049190] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3784.448042] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3784.448186] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3784.792026] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3784.792179] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3785.162502] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3785.162633] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3785.461116] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3785.461247] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3785.764730] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3785.764859] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3786.042128] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3786.042259] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3786.464293] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3786.464423] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3786.818090] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3786.818217] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n[ 3787.085297] mce: Uncorrected hardware memory error in user-access at \n200c9742380\n[ 3787.085424] Memory failure: 0x200c9742: recovery action for dax page: \nRecovered\n\nIt took us several weeks to pinpoint this problem, but we eventually\nused bpftrace to trace the page fault and mce address and successfully\nidentified the issue.\n\n\nJoao added:\n\n; Likely we never reproduce in production because we always pin\n: device-dax regions in the region align they provide (Qemu does\n: similarly with prealloc in hugetlb/file backed memory). I think this\n: bug requires that we touch *unpinned* device-dax regions unaligned to\n: the device-dax selected alignment (page size i.e. 4K/2M/1G)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50022", url: "https://www.suse.com/security/cve/CVE-2024-50022", }, { category: "external", summary: "SUSE Bug 1231956 for CVE-2024-50022", url: "https://bugzilla.suse.com/1231956", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50022", }, { cve: "CVE-2024-50023", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50023", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Remove LED entry from LEDs list on unregister\n\nCommit c938ab4da0eb (\"net: phy: Manual remove LEDs to ensure correct\nordering\") correctly fixed a problem with using devm_ but missed\nremoving the LED entry from the LEDs list.\n\nThis cause kernel panic on specific scenario where the port for the PHY\nis torn down and up and the kmod for the PHY is removed.\n\nOn setting the port down the first time, the assosiacted LEDs are\ncorrectly unregistered. The associated kmod for the PHY is now removed.\nThe kmod is now added again and the port is now put up, the associated LED\nare registered again.\nOn putting the port down again for the second time after these step, the\nLED list now have 4 elements. With the first 2 already unregistered\npreviously and the 2 new one registered again.\n\nThis cause a kernel panic as the first 2 element should have been\nremoved.\n\nFix this by correctly removing the element when LED is unregistered.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50023", url: "https://www.suse.com/security/cve/CVE-2024-50023", }, { category: "external", summary: "SUSE Bug 1231955 for CVE-2024-50023", url: "https://bugzilla.suse.com/1231955", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50023", }, { cve: "CVE-2024-50024", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50024", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix an unsafe loop on the list\n\nThe kernel may crash when deleting a genetlink family if there are still\nlisteners for that family:\n\nOops: Kernel access of bad area, sig: 11 [#1]\n ...\n NIP [c000000000c080bc] netlink_update_socket_mc+0x3c/0xc0\n LR [c000000000c0f764] __netlink_clear_multicast_users+0x74/0xc0\n Call Trace:\n__netlink_clear_multicast_users+0x74/0xc0\ngenl_unregister_family+0xd4/0x2d0\n\nChange the unsafe loop on the list to a safe one, because inside the\nloop there is an element removal from this list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50024", url: "https://www.suse.com/security/cve/CVE-2024-50024", }, { category: "external", summary: "SUSE Bug 1231954 for CVE-2024-50024", url: "https://bugzilla.suse.com/1231954", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50024", }, { cve: "CVE-2024-50025", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50025", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: fnic: Move flush_work initialization out of if block\n\nAfter commit 379a58caa199 (\"scsi: fnic: Move fnic_fnic_flush_tx() to a\nwork queue\"), it can happen that a work item is sent to an uninitialized\nwork queue. This may has the effect that the item being queued is never\nactually queued, and any further actions depending on it will not\nproceed.\n\nThe following warning is observed while the fnic driver is loaded:\n\nkernel: WARNING: CPU: 11 PID: 0 at ../kernel/workqueue.c:1524 __queue_work+0x373/0x410\nkernel: <IRQ>\nkernel: queue_work_on+0x3a/0x50\nkernel: fnic_wq_copy_cmpl_handler+0x54a/0x730 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24]\nkernel: fnic_isr_msix_wq_copy+0x2d/0x60 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24]\nkernel: __handle_irq_event_percpu+0x36/0x1a0\nkernel: handle_irq_event_percpu+0x30/0x70\nkernel: handle_irq_event+0x34/0x60\nkernel: handle_edge_irq+0x7e/0x1a0\nkernel: __common_interrupt+0x3b/0xb0\nkernel: common_interrupt+0x58/0xa0\nkernel: </IRQ>\n\nIt has been observed that this may break the rediscovery of Fibre\nChannel devices after a temporary fabric failure.\n\nThis patch fixes it by moving the work queue initialization out of\nan if block in fnic_probe().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50025", url: "https://www.suse.com/security/cve/CVE-2024-50025", }, { category: "external", summary: "SUSE Bug 1231953 for CVE-2024-50025", url: "https://bugzilla.suse.com/1231953", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50025", }, { cve: "CVE-2024-50026", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50026", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: wd33c93: Don't use stale scsi_pointer value\n\nA regression was introduced with commit dbb2da557a6a (\"scsi: wd33c93:\nMove the SCSI pointer to private command data\") which results in an oops\nin wd33c93_intr(). That commit added the scsi_pointer variable and\ninitialized it from hostdata->connected. However, during selection,\nhostdata->connected is not yet valid. Fix this by getting the current\nscsi_pointer from hostdata->selecting.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50026", url: "https://www.suse.com/security/cve/CVE-2024-50026", }, { category: "external", summary: "SUSE Bug 1231952 for CVE-2024-50026", url: "https://bugzilla.suse.com/1231952", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50026", }, { cve: "CVE-2024-50027", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50027", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Free tzp copy along with the thermal zone\n\nThe object pointed to by tz->tzp may still be accessed after being\nfreed in thermal_zone_device_unregister(), so move the freeing of it\nto the point after the removal completion has been completed at which\nit cannot be accessed any more.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50027", url: "https://www.suse.com/security/cve/CVE-2024-50027", }, { category: "external", summary: "SUSE Bug 1231951 for CVE-2024-50027", url: "https://bugzilla.suse.com/1231951", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50027", }, { cve: "CVE-2024-50028", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50028", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Reference count the zone in thermal_zone_get_by_id()\n\nThere are places in the thermal netlink code where nothing prevents\nthe thermal zone object from going away while being accessed after it\nhas been returned by thermal_zone_get_by_id().\n\nTo address this, make thermal_zone_get_by_id() get a reference on the\nthermal zone device object to be returned with the help of get_device(),\nunder thermal_list_lock, and adjust all of its callers to this change\nwith the help of the cleanup.h infrastructure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50028", url: "https://www.suse.com/security/cve/CVE-2024-50028", }, { category: "external", summary: "SUSE Bug 1231950 for CVE-2024-50028", url: "https://bugzilla.suse.com/1231950", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50028", }, { cve: "CVE-2024-50029", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50029", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync\n\nThis checks if the ACL connection remains valid as it could be destroyed\nwhile hci_enhanced_setup_sync is pending on cmd_sync leading to the\nfollowing trace:\n\nBUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60\nRead of size 1 at addr ffff888002328ffd by task kworker/u5:2/37\n\nCPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n <TASK>\n dump_stack_lvl+0x5d/0x80\n ? hci_enhanced_setup_sync+0x91b/0xa60\n print_report+0x152/0x4c0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n ? __virt_addr_valid+0x1fa/0x420\n ? hci_enhanced_setup_sync+0x91b/0xa60\n kasan_report+0xda/0x1b0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n hci_enhanced_setup_sync+0x91b/0xa60\n ? __pfx_hci_enhanced_setup_sync+0x10/0x10\n ? __pfx___mutex_lock+0x10/0x10\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x167/0x240\n worker_thread+0x5b7/0xf60\n ? __kthread_parkme+0xac/0x1c0\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x293/0x360\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n </TASK>\n\nAllocated by task 34:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __hci_conn_add+0x187/0x17d0\n hci_connect_sco+0x2e1/0xb90\n sco_sock_connect+0x2a2/0xb80\n __sys_connect+0x227/0x2a0\n __x64_sys_connect+0x6d/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 37:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x101/0x160\n kfree+0xd0/0x250\n device_release+0x9a/0x210\n kobject_put+0x151/0x280\n hci_conn_del+0x448/0xbf0\n hci_abort_conn_sync+0x46f/0x980\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n worker_thread+0x5b7/0xf60\n kthread+0x293/0x360\n ret_from_fork+0x2f/0x70\n ret_from_fork_asm+0x1a/0x30", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50029", url: "https://www.suse.com/security/cve/CVE-2024-50029", }, { category: "external", summary: "SUSE Bug 1231949 for CVE-2024-50029", url: "https://bugzilla.suse.com/1231949", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50029", }, { cve: "CVE-2024-50030", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50030", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/ct: prevent UAF in send_recv()\n\nEnsure we serialize with completion side to prevent UAF with fence going\nout of scope on the stack, since we have no clue if it will fire after\nthe timeout before we can erase from the xa. Also we have some dependent\nloads and stores for which we need the correct ordering, and we lack the\nneeded barriers. Fix this by grabbing the ct->lock after the wait, which\nis also held by the completion side.\n\nv2 (Badal):\n - Also print done after acquiring the lock and seeing timeout.\n\n(cherry picked from commit 52789ce35c55ccd30c4b67b9cc5b2af55e0122ea)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50030", url: "https://www.suse.com/security/cve/CVE-2024-50030", }, { category: "external", summary: "SUSE Bug 1231948 for CVE-2024-50030", url: "https://bugzilla.suse.com/1231948", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50030", }, { cve: "CVE-2024-50031", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50031", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop the active perfmon before being destroyed\n\nWhen running `kmscube` with one or more performance monitors enabled\nvia `GALLIUM_HUD`, the following kernel panic can occur:\n\n[ 55.008324] Unable to handle kernel paging request at virtual address 00000000052004a4\n[ 55.008368] Mem abort info:\n[ 55.008377] ESR = 0x0000000096000005\n[ 55.008387] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 55.008402] SET = 0, FnV = 0\n[ 55.008412] EA = 0, S1PTW = 0\n[ 55.008421] FSC = 0x05: level 1 translation fault\n[ 55.008434] Data abort info:\n[ 55.008442] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[ 55.008455] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 55.008467] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 55.008481] user pgtable: 4k pages, 39-bit VAs, pgdp=00000001046c6000\n[ 55.008497] [00000000052004a4] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 55.008525] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n[ 55.008542] Modules linked in: rfcomm [...] vc4 v3d snd_soc_hdmi_codec drm_display_helper\ngpu_sched drm_shmem_helper cec drm_dma_helper drm_kms_helper i2c_brcmstb\ndrm drm_panel_orientation_quirks snd_soc_core snd_compress snd_pcm_dmaengine snd_pcm snd_timer snd backlight\n[ 55.008799] CPU: 2 PID: 166 Comm: v3d_bin Tainted: G C 6.6.47+rpt-rpi-v8 #1 Debian 1:6.6.47-1+rpt1\n[ 55.008824] Hardware name: Raspberry Pi 4 Model B Rev 1.5 (DT)\n[ 55.008838] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 55.008855] pc : __mutex_lock.constprop.0+0x90/0x608\n[ 55.008879] lr : __mutex_lock.constprop.0+0x58/0x608\n[ 55.008895] sp : ffffffc080673cf0\n[ 55.008904] x29: ffffffc080673cf0 x28: 0000000000000000 x27: ffffff8106188a28\n[ 55.008926] x26: ffffff8101e78040 x25: ffffff8101baa6c0 x24: ffffffd9d989f148\n[ 55.008947] x23: ffffffda1c2a4008 x22: 0000000000000002 x21: ffffffc080673d38\n[ 55.008968] x20: ffffff8101238000 x19: ffffff8104f83188 x18: 0000000000000000\n[ 55.008988] x17: 0000000000000000 x16: ffffffda1bd04d18 x15: 00000055bb08bc90\n[ 55.009715] x14: 0000000000000000 x13: 0000000000000000 x12: ffffffda1bd4cbb0\n[ 55.010433] x11: 00000000fa83b2da x10: 0000000000001a40 x9 : ffffffda1bd04d04\n[ 55.011162] x8 : ffffff8102097b80 x7 : 0000000000000000 x6 : 00000000030a5857\n[ 55.011880] x5 : 00ffffffffffffff x4 : 0300000005200470 x3 : 0300000005200470\n[ 55.012598] x2 : ffffff8101238000 x1 : 0000000000000021 x0 : 0300000005200470\n[ 55.013292] Call trace:\n[ 55.013959] __mutex_lock.constprop.0+0x90/0x608\n[ 55.014646] __mutex_lock_slowpath+0x1c/0x30\n[ 55.015317] mutex_lock+0x50/0x68\n[ 55.015961] v3d_perfmon_stop+0x40/0xe0 [v3d]\n[ 55.016627] v3d_bin_job_run+0x10c/0x2d8 [v3d]\n[ 55.017282] drm_sched_main+0x178/0x3f8 [gpu_sched]\n[ 55.017921] kthread+0x11c/0x128\n[ 55.018554] ret_from_fork+0x10/0x20\n[ 55.019168] Code: f9400260 f1001c1f 54001ea9 927df000 (b9403401)\n[ 55.019776] ---[ end trace 0000000000000000 ]---\n[ 55.020411] note: v3d_bin[166] exited with preempt_count 1\n\nThis issue arises because, upon closing the file descriptor (which happens\nwhen we interrupt `kmscube`), the active performance monitor is not\nstopped. Although all perfmons are destroyed in `v3d_perfmon_close_file()`,\nthe active performance monitor's pointer (`v3d->active_perfmon`) is still\nretained.\n\nIf `kmscube` is run again, the driver will attempt to stop the active\nperformance monitor using the stale pointer in `v3d->active_perfmon`.\nHowever, this pointer is no longer valid because the previous process has\nalready terminated, and all performance monitors associated with it have\nbeen destroyed and freed.\n\nTo fix this, when the active performance monitor belongs to a given\nprocess, explicitly stop it before destroying and freeing it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50031", url: "https://www.suse.com/security/cve/CVE-2024-50031", }, { category: "external", summary: "SUSE Bug 1231947 for CVE-2024-50031", url: "https://bugzilla.suse.com/1231947", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50031", }, { cve: "CVE-2024-50032", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50032", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu/nocb: Fix rcuog wake-up from offline softirq\n\nAfter a CPU has set itself offline and before it eventually calls\nrcutree_report_cpu_dead(), there are still opportunities for callbacks\nto be enqueued, for example from a softirq. When that happens on NOCB,\nthe rcuog wake-up is deferred through an IPI to an online CPU in order\nnot to call into the scheduler and risk arming the RT-bandwidth after\nhrtimers have been migrated out and disabled.\n\nBut performing a synchronized IPI from a softirq is buggy as reported in\nthe following scenario:\n\n WARNING: CPU: 1 PID: 26 at kernel/smp.c:633 smp_call_function_single\n Modules linked in: rcutorture torture\n CPU: 1 UID: 0 PID: 26 Comm: migration/1 Not tainted 6.11.0-rc1-00012-g9139f93209d1 #1\n Stopper: multi_cpu_stop+0x0/0x320 <- __stop_cpus+0xd0/0x120\n RIP: 0010:smp_call_function_single\n <IRQ>\n swake_up_one_online\n __call_rcu_nocb_wake\n __call_rcu_common\n ? rcu_torture_one_read\n call_timer_fn\n __run_timers\n run_timer_softirq\n handle_softirqs\n irq_exit_rcu\n ? tick_handle_periodic\n sysvec_apic_timer_interrupt\n </IRQ>\n\nFix this with forcing deferred rcuog wake up through the NOCB timer when\nthe CPU is offline. The actual wake up will happen from\nrcutree_report_cpu_dead().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50032", url: "https://www.suse.com/security/cve/CVE-2024-50032", }, { category: "external", summary: "SUSE Bug 1231915 for CVE-2024-50032", url: "https://bugzilla.suse.com/1231915", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50032", }, { cve: "CVE-2024-50033", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50033", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: make slhc_remember() more robust against malicious packets\n\nsyzbot found that slhc_remember() was missing checks against\nmalicious packets [1].\n\nslhc_remember() only checked the size of the packet was at least 20,\nwhich is not good enough.\n\nWe need to make sure the packet includes the IPv4 and TCP header\nthat are supposed to be carried.\n\nAdd iph and th pointers to make the code more readable.\n\n[1]\n\nBUG: KMSAN: uninit-value in slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\n slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\n ppp_receive_nonmp_frame+0xe45/0x35e0 drivers/net/ppp/ppp_generic.c:2455\n ppp_receive_frame drivers/net/ppp/ppp_generic.c:2372 [inline]\n ppp_do_recv+0x65f/0x40d0 drivers/net/ppp/ppp_generic.c:2212\n ppp_input+0x7dc/0xe60 drivers/net/ppp/ppp_generic.c:2327\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\n __release_sock+0x1da/0x330 net/core/sock.c:3072\n release_sock+0x6b/0x250 net/core/sock.c:3626\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4091 [inline]\n slab_alloc_node mm/slub.c:4134 [inline]\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1322 [inline]\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 5460 Comm: syz.2.33 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50033", url: "https://www.suse.com/security/cve/CVE-2024-50033", }, { category: "external", summary: "SUSE Bug 1231914 for CVE-2024-50033", url: "https://bugzilla.suse.com/1231914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50033", }, { cve: "CVE-2024-50034", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50034", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC\n\nEric report a panic on IPPROTO_SMC, and give the facts\nthat when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too.\n\nBug: Unable to handle kernel NULL pointer dereference at virtual address\n0000000000000000\nMem abort info:\nESR = 0x0000000086000005\nEC = 0x21: IABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x05: level 1 translation fault\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000001195d1000\n[0000000000000000] pgd=0800000109c46003, p4d=0800000109c46003,\npud=0000000000000000\nInternal error: Oops: 0000000086000005 [#1] PREEMPT SMP\nModules linked in:\nCPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 Not tainted\n6.11.0-rc7-syzkaller-g5f5673607153 #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 08/06/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : 0x0\nlr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910\nsp : ffff80009b887a90\nx29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000\nx26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00\nx23: 0000000000000000 x22: ffff0000d8b78518 x21: 0000000000000000\nx20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee\nx17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001\nx14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003\nx11: 0000000000040000 x10: 00000000000020a3 x9 : 1fffe0001b16f0f1\nx8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 0000000000000040 x4 : 0000000000000001 x3 : 0000000000000000\nx2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000\nCall trace:\n0x0\nnetlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000\nsmack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593\nsmack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973\nsecurity_socket_post_create+0x94/0xd4 security/security.c:4425\n__sock_create+0x4c8/0x884 net/socket.c:1587\nsock_create net/socket.c:1622 [inline]\n__sys_socket_create net/socket.c:1659 [inline]\n__sys_socket+0x134/0x340 net/socket.c:1706\n__do_sys_socket net/socket.c:1720 [inline]\n__se_sys_socket net/socket.c:1718 [inline]\n__arm64_sys_socket+0x7c/0x94 net/socket.c:1718\n__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\ninvoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\nel0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\ndo_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\nel0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712\nel0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\nCode: ???????? ???????? ???????? ???????? (????????)\n---[ end trace 0000000000000000 ]---\n\nThis patch add a toy implementation that performs a simple return to\nprevent such panic. This is because MSS can be set in sock_create_kern\nor smc_setsockopt, similar to how it's done in AF_SMC. However, for\nAF_SMC, there is currently no way to synchronize MSS within\n__sys_connect_file. This toy implementation lays the groundwork for us\nto support such feature for IPPROTO_SMC in the future.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50034", url: "https://www.suse.com/security/cve/CVE-2024-50034", }, { category: "external", summary: "SUSE Bug 1231913 for CVE-2024-50034", url: "https://bugzilla.suse.com/1231913", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50034", }, { cve: "CVE-2024-50035", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50035", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: fix ppp_async_encode() illegal access\n\nsyzbot reported an issue in ppp_async_encode() [1]\n\nIn this case, pppoe_sendmsg() is called with a zero size.\nThen ppp_async_encode() is called with an empty skb.\n\nBUG: KMSAN: uninit-value in ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\n BUG: KMSAN: uninit-value in ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\n ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\n ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\n ppp_async_send+0x130/0x1b0 drivers/net/ppp/ppp_async.c:634\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2280 [inline]\n ppp_input+0x1f1/0xe60 drivers/net/ppp/ppp_generic.c:2304\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\n __release_sock+0x1da/0x330 net/core/sock.c:3072\n release_sock+0x6b/0x250 net/core/sock.c:3626\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4092 [inline]\n slab_alloc_node mm/slub.c:4135 [inline]\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1322 [inline]\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\n __do_sys_sendmmsg net/socket.c:2771 [inline]\n __se_sys_sendmmsg net/socket.c:2768 [inline]\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 1 UID: 0 PID: 5411 Comm: syz.1.14 Not tainted 6.12.0-rc1-syzkaller-00165-g360c1f1f24c6 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50035", url: "https://www.suse.com/security/cve/CVE-2024-50035", }, { category: "external", summary: "SUSE Bug 1232392 for CVE-2024-50035", url: "https://bugzilla.suse.com/1232392", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50035", }, { cve: "CVE-2024-50036", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50036", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50036", url: "https://www.suse.com/security/cve/CVE-2024-50036", }, { category: "external", summary: "SUSE Bug 1231912 for CVE-2024-50036", url: "https://bugzilla.suse.com/1231912", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50036", }, { cve: "CVE-2024-50037", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50037", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/fbdev-dma: Only cleanup deferred I/O if necessary\n\nCommit 5a498d4d06d6 (\"drm/fbdev-dma: Only install deferred I/O if\nnecessary\") initializes deferred I/O only if it is used.\ndrm_fbdev_dma_fb_destroy() however calls fb_deferred_io_cleanup()\nunconditionally with struct fb_info.fbdefio == NULL. KASAN with the\nout-of-tree Apple silicon display driver posts following warning from\n__flush_work() of a random struct work_struct instead of the expected\nNULL pointer derefs.\n\n[ 22.053799] ------------[ cut here ]------------\n[ 22.054832] WARNING: CPU: 2 PID: 1 at kernel/workqueue.c:4177 __flush_work+0x4d8/0x580\n[ 22.056597] Modules linked in: uhid bnep uinput nls_ascii ip6_tables ip_tables i2c_dev loop fuse dm_multipath nfnetlink zram hid_magicmouse btrfs xor xor_neon brcmfmac_wcc raid6_pq hci_bcm4377 bluetooth brcmfmac hid_apple brcmutil nvmem_spmi_mfd simple_mfd_spmi dockchannel_hid cfg80211 joydev regmap_spmi nvme_apple ecdh_generic ecc macsmc_hid rfkill dwc3 appledrm snd_soc_macaudio macsmc_power nvme_core apple_isp phy_apple_atc apple_sart apple_rtkit_helper apple_dockchannel tps6598x macsmc_hwmon snd_soc_cs42l84 videobuf2_v4l2 spmi_apple_controller nvmem_apple_efuses videobuf2_dma_sg apple_z2 videobuf2_memops spi_nor panel_summit videobuf2_common asahi videodev pwm_apple apple_dcp snd_soc_apple_mca apple_admac spi_apple clk_apple_nco i2c_pasemi_platform snd_pcm_dmaengine mc i2c_pasemi_core mux_core ofpart adpdrm drm_dma_helper apple_dart apple_soc_cpufreq leds_pwm phram\n[ 22.073768] CPU: 2 UID: 0 PID: 1 Comm: systemd-shutdow Not tainted 6.11.2-asahi+ #asahi-dev\n[ 22.075612] Hardware name: Apple MacBook Pro (13-inch, M2, 2022) (DT)\n[ 22.077032] pstate: 01400005 (nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[ 22.078567] pc : __flush_work+0x4d8/0x580\n[ 22.079471] lr : __flush_work+0x54/0x580\n[ 22.080345] sp : ffffc000836ef820\n[ 22.081089] x29: ffffc000836ef880 x28: 0000000000000000 x27: ffff80002ddb7128\n[ 22.082678] x26: dfffc00000000000 x25: 1ffff000096f0c57 x24: ffffc00082d3e358\n[ 22.084263] x23: ffff80004b7862b8 x22: dfffc00000000000 x21: ffff80005aa1d470\n[ 22.085855] x20: ffff80004b786000 x19: ffff80004b7862a0 x18: 0000000000000000\n[ 22.087439] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000005\n[ 22.089030] x14: 1ffff800106ddf0a x13: 0000000000000000 x12: 0000000000000000\n[ 22.090618] x11: ffffb800106ddf0f x10: dfffc00000000000 x9 : 1ffff800106ddf0e\n[ 22.092206] x8 : 0000000000000000 x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000001\n[ 22.093790] x5 : ffffc000836ef728 x4 : 0000000000000000 x3 : 0000000000000020\n[ 22.095368] x2 : 0000000000000008 x1 : 00000000000000aa x0 : 0000000000000000\n[ 22.096955] Call trace:\n[ 22.097505] __flush_work+0x4d8/0x580\n[ 22.098330] flush_delayed_work+0x80/0xb8\n[ 22.099231] fb_deferred_io_cleanup+0x3c/0x130\n[ 22.100217] drm_fbdev_dma_fb_destroy+0x6c/0xe0 [drm_dma_helper]\n[ 22.101559] unregister_framebuffer+0x210/0x2f0\n[ 22.102575] drm_fb_helper_unregister_info+0x48/0x60\n[ 22.103683] drm_fbdev_dma_client_unregister+0x4c/0x80 [drm_dma_helper]\n[ 22.105147] drm_client_dev_unregister+0x1cc/0x230\n[ 22.106217] drm_dev_unregister+0x58/0x570\n[ 22.107125] apple_drm_unbind+0x50/0x98 [appledrm]\n[ 22.108199] component_del+0x1f8/0x3a8\n[ 22.109042] dcp_platform_shutdown+0x24/0x38 [apple_dcp]\n[ 22.110357] platform_shutdown+0x70/0x90\n[ 22.111219] device_shutdown+0x368/0x4d8\n[ 22.112095] kernel_restart+0x6c/0x1d0\n[ 22.112946] __arm64_sys_reboot+0x1c8/0x328\n[ 22.113868] invoke_syscall+0x78/0x1a8\n[ 22.114703] do_el0_svc+0x124/0x1a0\n[ 22.115498] el0_svc+0x3c/0xe0\n[ 22.116181] el0t_64_sync_handler+0x70/0xc0\n[ 22.117110] el0t_64_sync+0x190/0x198\n[ 22.117931] ---[ end trace 0000000000000000 ]---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50037", url: "https://www.suse.com/security/cve/CVE-2024-50037", }, { category: "external", summary: "SUSE Bug 1231911 for CVE-2024-50037", url: "https://bugzilla.suse.com/1231911", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50037", }, { cve: "CVE-2024-50038", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50038", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50038", url: "https://www.suse.com/security/cve/CVE-2024-50038", }, { category: "external", summary: "SUSE Bug 1231910 for CVE-2024-50038", url: "https://bugzilla.suse.com/1231910", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50038", }, { cve: "CVE-2024-50039", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50039", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: accept TCA_STAB only for root qdisc\n\nMost qdiscs maintain their backlog using qdisc_pkt_len(skb)\non the assumption it is invariant between the enqueue()\nand dequeue() handlers.\n\nUnfortunately syzbot can crash a host rather easily using\na TBF + SFQ combination, with an STAB on SFQ [1]\n\nWe can't support TCA_STAB on arbitrary level, this would\nrequire to maintain per-qdisc storage.\n\n[1]\n[ 88.796496] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 88.798611] #PF: supervisor read access in kernel mode\n[ 88.799014] #PF: error_code(0x0000) - not-present page\n[ 88.799506] PGD 0 P4D 0\n[ 88.799829] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 88.800569] CPU: 14 UID: 0 PID: 2053 Comm: b371744477 Not tainted 6.12.0-rc1-virtme #1117\n[ 88.801107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 88.801779] RIP: 0010:sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq\n[ 88.802544] Code: 0f b7 50 12 48 8d 04 d5 00 00 00 00 48 89 d6 48 29 d0 48 8b 91 c0 01 00 00 48 c1 e0 03 48 01 c2 66 83 7a 1a 00 7e c0 48 8b 3a <4c> 8b 07 4c 89 02 49 89 50 08 48 c7 47 08 00 00 00 00 48 c7 07 00\nAll code\n========\n 0:\t0f b7 50 12 \tmovzwl 0x12(%rax),%edx\n 4:\t48 8d 04 d5 00 00 00 \tlea 0x0(,%rdx,8),%rax\n b:\t00\n c:\t48 89 d6 \tmov %rdx,%rsi\n f:\t48 29 d0 \tsub %rdx,%rax\n 12:\t48 8b 91 c0 01 00 00 \tmov 0x1c0(%rcx),%rdx\n 19:\t48 c1 e0 03 \tshl $0x3,%rax\n 1d:\t48 01 c2 \tadd %rax,%rdx\n 20:\t66 83 7a 1a 00 \tcmpw $0x0,0x1a(%rdx)\n 25:\t7e c0 \tjle 0xffffffffffffffe7\n 27:\t48 8b 3a \tmov (%rdx),%rdi\n 2a:*\t4c 8b 07 \tmov (%rdi),%r8\t\t<-- trapping instruction\n 2d:\t4c 89 02 \tmov %r8,(%rdx)\n 30:\t49 89 50 08 \tmov %rdx,0x8(%r8)\n 34:\t48 c7 47 08 00 00 00 \tmovq $0x0,0x8(%rdi)\n 3b:\t00\n 3c:\t48 \trex.W\n 3d:\tc7 \t.byte 0xc7\n 3e:\t07 \t(bad)\n\t...\n\nCode starting with the faulting instruction\n===========================================\n 0:\t4c 8b 07 \tmov (%rdi),%r8\n 3:\t4c 89 02 \tmov %r8,(%rdx)\n 6:\t49 89 50 08 \tmov %rdx,0x8(%r8)\n a:\t48 c7 47 08 00 00 00 \tmovq $0x0,0x8(%rdi)\n 11:\t00\n 12:\t48 \trex.W\n 13:\tc7 \t.byte 0xc7\n 14:\t07 \t(bad)\n\t...\n[ 88.803721] RSP: 0018:ffff9a1f892b7d58 EFLAGS: 00000206\n[ 88.804032] RAX: 0000000000000000 RBX: ffff9a1f8420c800 RCX: ffff9a1f8420c800\n[ 88.804560] RDX: ffff9a1f81bc1440 RSI: 0000000000000000 RDI: 0000000000000000\n[ 88.805056] RBP: ffffffffc04bb0e0 R08: 0000000000000001 R09: 00000000ff7f9a1f\n[ 88.805473] R10: 000000000001001b R11: 0000000000009a1f R12: 0000000000000140\n[ 88.806194] R13: 0000000000000001 R14: ffff9a1f886df400 R15: ffff9a1f886df4ac\n[ 88.806734] FS: 00007f445601a740(0000) GS:ffff9a2e7fd80000(0000) knlGS:0000000000000000\n[ 88.807225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 88.807672] CR2: 0000000000000000 CR3: 000000050cc46000 CR4: 00000000000006f0\n[ 88.808165] Call Trace:\n[ 88.808459] <TASK>\n[ 88.808710] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n[ 88.809261] ? page_fault_oops (arch/x86/mm/fault.c:715)\n[ 88.809561] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:147 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539)\n[ 88.809806] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n[ 88.810074] ? sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq\n[ 88.810411] sfq_reset (net/sched/sch_sfq.c:525) sch_sfq\n[ 88.810671] qdisc_reset (./include/linux/skbuff.h:2135 ./include/linux/skbuff.h:2441 ./include/linux/skbuff.h:3304 ./include/linux/skbuff.h:3310 net/sched/sch_g\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50039", url: "https://www.suse.com/security/cve/CVE-2024-50039", }, { category: "external", summary: "SUSE Bug 1231909 for CVE-2024-50039", url: "https://bugzilla.suse.com/1231909", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50039", }, { cve: "CVE-2024-50040", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50040", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Do not bring the device up after non-fatal error\n\nCommit 004d25060c78 (\"igb: Fix igb_down hung on surprise removal\")\nchanged igb_io_error_detected() to ignore non-fatal pcie errors in order\nto avoid hung task that can happen when igb_down() is called multiple\ntimes. This caused an issue when processing transient non-fatal errors.\nigb_io_resume(), which is called after igb_io_error_detected(), assumes\nthat device is brought down by igb_io_error_detected() if the interface\nis up. This resulted in panic with stacktrace below.\n\n[ T3256] igb 0000:09:00.0 haeth0: igb: haeth0 NIC Link is Down\n[ T292] pcieport 0000:00:1c.5: AER: Uncorrected (Non-Fatal) error received: 0000:09:00.0\n[ T292] igb 0000:09:00.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal), type=Transaction Layer, (Requester ID)\n[ T292] igb 0000:09:00.0: device [8086:1537] error status/mask=00004000/00000000\n[ T292] igb 0000:09:00.0: [14] CmpltTO [ 200.105524,009][ T292] igb 0000:09:00.0: AER: TLP Header: 00000000 00000000 00000000 00000000\n[ T292] pcieport 0000:00:1c.5: AER: broadcast error_detected message\n[ T292] igb 0000:09:00.0: Non-correctable non-fatal error reported.\n[ T292] pcieport 0000:00:1c.5: AER: broadcast mmio_enabled message\n[ T292] pcieport 0000:00:1c.5: AER: broadcast resume message\n[ T292] ------------[ cut here ]------------\n[ T292] kernel BUG at net/core/dev.c:6539!\n[ T292] invalid opcode: 0000 [#1] PREEMPT SMP\n[ T292] RIP: 0010:napi_enable+0x37/0x40\n[ T292] Call Trace:\n[ T292] <TASK>\n[ T292] ? die+0x33/0x90\n[ T292] ? do_trap+0xdc/0x110\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? do_error_trap+0x70/0xb0\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? exc_invalid_op+0x4e/0x70\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? asm_exc_invalid_op+0x16/0x20\n[ T292] ? napi_enable+0x37/0x40\n[ T292] igb_up+0x41/0x150\n[ T292] igb_io_resume+0x25/0x70\n[ T292] report_resume+0x54/0x70\n[ T292] ? report_frozen_detected+0x20/0x20\n[ T292] pci_walk_bus+0x6c/0x90\n[ T292] ? aer_print_port_info+0xa0/0xa0\n[ T292] pcie_do_recovery+0x22f/0x380\n[ T292] aer_process_err_devices+0x110/0x160\n[ T292] aer_isr+0x1c1/0x1e0\n[ T292] ? disable_irq_nosync+0x10/0x10\n[ T292] irq_thread_fn+0x1a/0x60\n[ T292] irq_thread+0xe3/0x1a0\n[ T292] ? irq_set_affinity_notifier+0x120/0x120\n[ T292] ? irq_affinity_notify+0x100/0x100\n[ T292] kthread+0xe2/0x110\n[ T292] ? kthread_complete_and_exit+0x20/0x20\n[ T292] ret_from_fork+0x2d/0x50\n[ T292] ? kthread_complete_and_exit+0x20/0x20\n[ T292] ret_from_fork_asm+0x11/0x20\n[ T292] </TASK>\n\nTo fix this issue igb_io_resume() checks if the interface is running and\nthe device is not down this means igb_io_error_detected() did not bring\nthe device down and there is no need to bring it up.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50040", url: "https://www.suse.com/security/cve/CVE-2024-50040", }, { category: "external", summary: "SUSE Bug 1231908 for CVE-2024-50040", url: "https://bugzilla.suse.com/1231908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50040", }, { cve: "CVE-2024-50041", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50041", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix macvlan leak by synchronizing access to mac_filter_hash\n\nThis patch addresses a macvlan leak issue in the i40e driver caused by\nconcurrent access to vsi->mac_filter_hash. The leak occurs when multiple\nthreads attempt to modify the mac_filter_hash simultaneously, leading to\ninconsistent state and potential memory leaks.\n\nTo fix this, we now wrap the calls to i40e_del_mac_filter() and zeroing\nvf->default_lan_addr.addr with spin_lock/unlock_bh(&vsi->mac_filter_hash_lock),\nensuring atomic operations and preventing concurrent access.\n\nAdditionally, we add lockdep_assert_held(&vsi->mac_filter_hash_lock) in\ni40e_add_mac_filter() to help catch similar issues in the future.\n\nReproduction steps:\n1. Spawn VFs and configure port vlan on them.\n2. Trigger concurrent macvlan operations (e.g., adding and deleting\n\tportvlan and/or mac filters).\n3. Observe the potential memory leak and inconsistent state in the\n\tmac_filter_hash.\n\nThis synchronization ensures the integrity of the mac_filter_hash and prevents\nthe described leak.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50041", url: "https://www.suse.com/security/cve/CVE-2024-50041", }, { category: "external", summary: "SUSE Bug 1231907 for CVE-2024-50041", url: "https://bugzilla.suse.com/1231907", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50041", }, { cve: "CVE-2024-50042", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50042", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix increasing MSI-X on VF\n\nIncreasing MSI-X value on a VF leads to invalid memory operations. This\nis caused by not reallocating some arrays.\n\nReproducer:\n modprobe ice\n echo 0 > /sys/bus/pci/devices/$PF_PCI/sriov_drivers_autoprobe\n echo 1 > /sys/bus/pci/devices/$PF_PCI/sriov_numvfs\n echo 17 > /sys/bus/pci/devices/$VF0_PCI/sriov_vf_msix_count\n\nDefault MSI-X is 16, so 17 and above triggers this issue.\n\nKASAN reports:\n\n BUG: KASAN: slab-out-of-bounds in ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n Read of size 8 at addr ffff8888b937d180 by task bash/28433\n (...)\n\n Call Trace:\n (...)\n ? ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n kasan_report+0xed/0x120\n ? ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice]\n ice_vsi_cfg_def+0x3360/0x4770 [ice]\n ? mutex_unlock+0x83/0xd0\n ? __pfx_ice_vsi_cfg_def+0x10/0x10 [ice]\n ? __pfx_ice_remove_vsi_lkup_fltr+0x10/0x10 [ice]\n ice_vsi_cfg+0x7f/0x3b0 [ice]\n ice_vf_reconfig_vsi+0x114/0x210 [ice]\n ice_sriov_set_msix_vec_count+0x3d0/0x960 [ice]\n sriov_vf_msix_count_store+0x21c/0x300\n (...)\n\n Allocated by task 28201:\n (...)\n ice_vsi_cfg_def+0x1c8e/0x4770 [ice]\n ice_vsi_cfg+0x7f/0x3b0 [ice]\n ice_vsi_setup+0x179/0xa30 [ice]\n ice_sriov_configure+0xcaa/0x1520 [ice]\n sriov_numvfs_store+0x212/0x390\n (...)\n\nTo fix it, use ice_vsi_rebuild() instead of ice_vf_reconfig_vsi(). This\ncauses the required arrays to be reallocated taking the new queue count\ninto account (ice_vsi_realloc_stat_arrays()). Set req_txq and req_rxq\nbefore ice_vsi_rebuild(), so that realloc uses the newly set queue\ncount.\n\nAdditionally, ice_vsi_rebuild() does not remove VSI filters\n(ice_fltr_remove_all()), so ice_vf_init_host_cfg() is no longer\nnecessary.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50042", url: "https://www.suse.com/security/cve/CVE-2024-50042", }, { category: "external", summary: "SUSE Bug 1231906 for CVE-2024-50042", url: "https://bugzilla.suse.com/1231906", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50042", }, { cve: "CVE-2024-50043", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50043", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix possible badness in FREE_STATEID\n\nWhen multiple FREE_STATEIDs are sent for the same delegation stateid,\nit can lead to a possible either use-after-free or counter refcount\nunderflow errors.\n\nIn nfsd4_free_stateid() under the client lock we find a delegation\nstateid, however the code drops the lock before calling nfs4_put_stid(),\nthat allows another FREE_STATE to find the stateid again. The first one\nwill proceed to then free the stateid which leads to either\nuse-after-free or decrementing already zeroed counter.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50043", url: "https://www.suse.com/security/cve/CVE-2024-50043", }, { category: "external", summary: "SUSE Bug 1231905 for CVE-2024-50043", url: "https://bugzilla.suse.com/1231905", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50043", }, { cve: "CVE-2024-50044", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50044", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change\n\nrfcomm_sk_state_change attempts to use sock_lock so it must never be\ncalled with it locked but rfcomm_sock_ioctl always attempt to lock it\ncausing the following trace:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted\n------------------------------------------------------\nsyz-executor386/5093 is trying to acquire lock:\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline]\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73\n\nbut task is already holding lock:\nffff88807badfd28 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50044", url: "https://www.suse.com/security/cve/CVE-2024-50044", }, { category: "external", summary: "SUSE Bug 1231904 for CVE-2024-50044", url: "https://bugzilla.suse.com/1231904", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50044", }, { cve: "CVE-2024-50045", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50045", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: fix panic with metadata_dst skb\n\nFix a kernel panic in the br_netfilter module when sending untagged\ntraffic via a VxLAN device.\nThis happens during the check for fragmentation in br_nf_dev_queue_xmit.\n\nIt is dependent on:\n1) the br_netfilter module being loaded;\n2) net.bridge.bridge-nf-call-iptables set to 1;\n3) a bridge with a VxLAN (single-vxlan-device) netdevice as a bridge port;\n4) untagged frames with size higher than the VxLAN MTU forwarded/flooded\n\nWhen forwarding the untagged packet to the VxLAN bridge port, before\nthe netfilter hooks are called, br_handle_egress_vlan_tunnel is called and\nchanges the skb_dst to the tunnel dst. The tunnel_dst is a metadata type\nof dst, i.e., skb_valid_dst(skb) is false, and metadata->dst.dev is NULL.\n\nThen in the br_netfilter hooks, in br_nf_dev_queue_xmit, there's a check\nfor frames that needs to be fragmented: frames with higher MTU than the\nVxLAN device end up calling br_nf_ip_fragment, which in turns call\nip_skb_dst_mtu.\n\nThe ip_dst_mtu tries to use the skb_dst(skb) as if it was a valid dst\nwith valid dst->dev, thus the crash.\n\nThis case was never supported in the first place, so drop the packet\ninstead.\n\nPING 10.0.0.2 (10.0.0.2) from 0.0.0.0 h1-eth0: 2000(2028) bytes of data.\n[ 176.291791] Unable to handle kernel NULL pointer dereference at\nvirtual address 0000000000000110\n[ 176.292101] Mem abort info:\n[ 176.292184] ESR = 0x0000000096000004\n[ 176.292322] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 176.292530] SET = 0, FnV = 0\n[ 176.292709] EA = 0, S1PTW = 0\n[ 176.292862] FSC = 0x04: level 0 translation fault\n[ 176.293013] Data abort info:\n[ 176.293104] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 176.293488] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 176.293787] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 176.293995] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000043ef5000\n[ 176.294166] [0000000000000110] pgd=0000000000000000,\np4d=0000000000000000\n[ 176.294827] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 176.295252] Modules linked in: vxlan ip6_udp_tunnel udp_tunnel veth\nbr_netfilter bridge stp llc ipv6 crct10dif_ce\n[ 176.295923] CPU: 0 PID: 188 Comm: ping Not tainted\n6.8.0-rc3-g5b3fbd61b9d1 #2\n[ 176.296314] Hardware name: linux,dummy-virt (DT)\n[ 176.296535] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS\nBTYPE=--)\n[ 176.296808] pc : br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter]\n[ 176.297382] lr : br_nf_dev_queue_xmit+0x2ac/0x4ec [br_netfilter]\n[ 176.297636] sp : ffff800080003630\n[ 176.297743] x29: ffff800080003630 x28: 0000000000000008 x27:\nffff6828c49ad9f8\n[ 176.298093] x26: ffff6828c49ad000 x25: 0000000000000000 x24:\n00000000000003e8\n[ 176.298430] x23: 0000000000000000 x22: ffff6828c4960b40 x21:\nffff6828c3b16d28\n[ 176.298652] x20: ffff6828c3167048 x19: ffff6828c3b16d00 x18:\n0000000000000014\n[ 176.298926] x17: ffffb0476322f000 x16: ffffb7e164023730 x15:\n0000000095744632\n[ 176.299296] x14: ffff6828c3f1c880 x13: 0000000000000002 x12:\nffffb7e137926a70\n[ 176.299574] x11: 0000000000000001 x10: ffff6828c3f1c898 x9 :\n0000000000000000\n[ 176.300049] x8 : ffff6828c49bf070 x7 : 0008460f18d5f20e x6 :\nf20e0100bebafeca\n[ 176.300302] x5 : ffff6828c7f918fe x4 : ffff6828c49bf070 x3 :\n0000000000000000\n[ 176.300586] x2 : 0000000000000000 x1 : ffff6828c3c7ad00 x0 :\nffff6828c7f918f0\n[ 176.300889] Call trace:\n[ 176.301123] br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter]\n[ 176.301411] br_nf_post_routing+0x2a8/0x3e4 [br_netfilter]\n[ 176.301703] nf_hook_slow+0x48/0x124\n[ 176.302060] br_forward_finish+0xc8/0xe8 [bridge]\n[ 176.302371] br_nf_hook_thresh+0x124/0x134 [br_netfilter]\n[ 176.302605] br_nf_forward_finish+0x118/0x22c [br_netfilter]\n[ 176.302824] br_nf_forward_ip.part.0+0x264/0x290 [br_netfilter]\n[ 176.303136] br_nf_forward+0x2b8/0x4e0 [br_netfilter]\n[ 176.303359] nf_hook_slow+0x48/0x124\n[ 176.303\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50045", url: "https://www.suse.com/security/cve/CVE-2024-50045", }, { category: "external", summary: "SUSE Bug 1231903 for CVE-2024-50045", url: "https://bugzilla.suse.com/1231903", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50045", }, { cve: "CVE-2024-50046", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50046", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()\n\nOn the node of an NFS client, some files saved in the mountpoint of the\nNFS server were copied to another location of the same NFS server.\nAccidentally, the nfs42_complete_copies() got a NULL-pointer dereference\ncrash with the following syslog:\n\n[232064.838881] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116\n[232064.839360] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116\n[232066.588183] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058\n[232066.588586] Mem abort info:\n[232066.588701] ESR = 0x0000000096000007\n[232066.588862] EC = 0x25: DABT (current EL), IL = 32 bits\n[232066.589084] SET = 0, FnV = 0\n[232066.589216] EA = 0, S1PTW = 0\n[232066.589340] FSC = 0x07: level 3 translation fault\n[232066.589559] Data abort info:\n[232066.589683] ISV = 0, ISS = 0x00000007\n[232066.589842] CM = 0, WnR = 0\n[232066.589967] user pgtable: 64k pages, 48-bit VAs, pgdp=00002000956ff400\n[232066.590231] [0000000000000058] pgd=08001100ae100003, p4d=08001100ae100003, pud=08001100ae100003, pmd=08001100b3c00003, pte=0000000000000000\n[232066.590757] Internal error: Oops: 96000007 [#1] SMP\n[232066.590958] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm vhost_net vhost vhost_iotlb tap tun ipt_rpfilter xt_multiport ip_set_hash_ip ip_set_hash_net xfrm_interface xfrm6_tunnel tunnel4 tunnel6 esp4 ah4 wireguard libcurve25519_generic veth xt_addrtype xt_set nf_conntrack_netlink ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_bitmap_port ip_set_hash_ipport dummy ip_set ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs iptable_filter sch_ingress nfnetlink_cttimeout vport_gre ip_gre ip_tunnel gre vport_geneve geneve vport_vxlan vxlan ip6_udp_tunnel udp_tunnel openvswitch nf_conncount dm_round_robin dm_service_time dm_multipath xt_nat xt_MASQUERADE nft_chain_nat nf_nat xt_mark xt_conntrack xt_comment nft_compat nft_counter nf_tables nfnetlink ocfs2 ocfs2_nodemanager ocfs2_stackglue iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_ssif nbd overlay 8021q garp mrp bonding tls rfkill sunrpc ext4 mbcache jbd2\n[232066.591052] vfat fat cas_cache cas_disk ses enclosure scsi_transport_sas sg acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler ip_tables vfio_pci vfio_pci_core vfio_virqfd vfio_iommu_type1 vfio dm_mirror dm_region_hash dm_log dm_mod nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc fuse xfs libcrc32c ast drm_vram_helper qla2xxx drm_kms_helper syscopyarea crct10dif_ce sysfillrect ghash_ce sysimgblt sha2_ce fb_sys_fops cec sha256_arm64 sha1_ce drm_ttm_helper ttm nvme_fc igb sbsa_gwdt nvme_fabrics drm nvme_core i2c_algo_bit i40e scsi_transport_fc megaraid_sas aes_neon_bs\n[232066.596953] CPU: 6 PID: 4124696 Comm: 10.253.166.125- Kdump: loaded Not tainted 5.15.131-9.cl9_ocfs2.aarch64 #1\n[232066.597356] Hardware name: Great Wall .\\x93\\x8e...RF6260 V5/GWMSSE2GL1T, BIOS T656FBE_V3.0.18 2024-01-06\n[232066.597721] pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[232066.598034] pc : nfs4_reclaim_open_state+0x220/0x800 [nfsv4]\n[232066.598327] lr : nfs4_reclaim_open_state+0x12c/0x800 [nfsv4]\n[232066.598595] sp : ffff8000f568fc70\n[232066.598731] x29: ffff8000f568fc70 x28: 0000000000001000 x27: ffff21003db33000\n[232066.599030] x26: ffff800005521ae0 x25: ffff0100f98fa3f0 x24: 0000000000000001\n[232066.599319] x23: ffff800009920008 x22: ffff21003db33040 x21: ffff21003db33050\n[232066.599628] x20: ffff410172fe9e40 x19: ffff410172fe9e00 x18: 0000000000000000\n[232066.599914] x17: 0000000000000000 x16: 0000000000000004 x15: 0000000000000000\n[232066.600195] x14: 0000000000000000 x13: ffff800008e685a8 x12: 00000000eac0c6e6\n[232066.600498] x11: 00000000000000\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50046", url: "https://www.suse.com/security/cve/CVE-2024-50046", }, { category: "external", summary: "SUSE Bug 1231902 for CVE-2024-50046", url: "https://bugzilla.suse.com/1231902", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50046", }, { cve: "CVE-2024-50047", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50047", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in async decryption\n\nDoing an async decryption (large read) crashes with a\nslab-use-after-free way down in the crypto API.\n\nReproducer:\n # mount.cifs -o ...,seal,esize=1 //srv/share /mnt\n # dd if=/mnt/largefile of=/dev/null\n ...\n [ 194.196391] ==================================================================\n [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110\n [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899\n [ 194.197707]\n [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43\n [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014\n [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs]\n [ 194.200032] Call Trace:\n [ 194.200191] <TASK>\n [ 194.200327] dump_stack_lvl+0x4e/0x70\n [ 194.200558] ? gf128mul_4k_lle+0xc1/0x110\n [ 194.200809] print_report+0x174/0x505\n [ 194.201040] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n [ 194.201352] ? srso_return_thunk+0x5/0x5f\n [ 194.201604] ? __virt_addr_valid+0xdf/0x1c0\n [ 194.201868] ? gf128mul_4k_lle+0xc1/0x110\n [ 194.202128] kasan_report+0xc8/0x150\n [ 194.202361] ? gf128mul_4k_lle+0xc1/0x110\n [ 194.202616] gf128mul_4k_lle+0xc1/0x110\n [ 194.202863] ghash_update+0x184/0x210\n [ 194.203103] shash_ahash_update+0x184/0x2a0\n [ 194.203377] ? __pfx_shash_ahash_update+0x10/0x10\n [ 194.203651] ? srso_return_thunk+0x5/0x5f\n [ 194.203877] ? crypto_gcm_init_common+0x1ba/0x340\n [ 194.204142] gcm_hash_assoc_remain_continue+0x10a/0x140\n [ 194.204434] crypt_message+0xec1/0x10a0 [cifs]\n [ 194.206489] ? __pfx_crypt_message+0x10/0x10 [cifs]\n [ 194.208507] ? srso_return_thunk+0x5/0x5f\n [ 194.209205] ? srso_return_thunk+0x5/0x5f\n [ 194.209925] ? srso_return_thunk+0x5/0x5f\n [ 194.210443] ? srso_return_thunk+0x5/0x5f\n [ 194.211037] decrypt_raw_data+0x15f/0x250 [cifs]\n [ 194.212906] ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n [ 194.214670] ? srso_return_thunk+0x5/0x5f\n [ 194.215193] smb2_decrypt_offload+0x12a/0x6c0 [cifs]\n\nThis is because TFM is being used in parallel.\n\nFix this by allocating a new AEAD TFM for async decryption, but keep\nthe existing one for synchronous READ cases (similar to what is done\nin smb3_calc_signature()).\n\nAlso remove the calls to aead_request_set_callback() and\ncrypto_wait_req() since it's always going to be a synchronous operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50047", url: "https://www.suse.com/security/cve/CVE-2024-50047", }, { category: "external", summary: "SUSE Bug 1232418 for CVE-2024-50047", url: "https://bugzilla.suse.com/1232418", }, { category: "external", summary: "SUSE Bug 1232576 for CVE-2024-50047", url: "https://bugzilla.suse.com/1232576", }, { category: "external", summary: "SUSE Bug 1232638 for CVE-2024-50047", url: "https://bugzilla.suse.com/1232638", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50047", }, { cve: "CVE-2024-50048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50048", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbcon: Fix a NULL pointer dereference issue in fbcon_putcs\n\nsyzbot has found a NULL pointer dereference bug in fbcon.\nHere is the simplified C reproducer:\n\nstruct param {\n\tuint8_t type;\n\tstruct tiocl_selection ts;\n};\n\nint main()\n{\n\tstruct fb_con2fbmap con2fb;\n\tstruct param param;\n\n\tint fd = open(\"/dev/fb1\", 0, 0);\n\n\tcon2fb.console = 0x19;\n\tcon2fb.framebuffer = 0;\n\tioctl(fd, FBIOPUT_CON2FBMAP, &con2fb);\n\n\tparam.type = 2;\n\tparam.ts.xs = 0; param.ts.ys = 0;\n\tparam.ts.xe = 0; param.ts.ye = 0;\n\tparam.ts.sel_mode = 0;\n\n\tint fd1 = open(\"/dev/tty1\", O_RDWR, 0);\n\tioctl(fd1, TIOCLINUX, ¶m);\n\n\tcon2fb.console = 1;\n\tcon2fb.framebuffer = 0;\n\tioctl(fd, FBIOPUT_CON2FBMAP, &con2fb);\n\n\treturn 0;\n}\n\nAfter calling ioctl(fd1, TIOCLINUX, ¶m), the subsequent ioctl(fd, FBIOPUT_CON2FBMAP, &con2fb)\ncauses the kernel to follow a different execution path:\n\n set_con2fb_map\n -> con2fb_init_display\n -> fbcon_set_disp\n -> redraw_screen\n -> hide_cursor\n -> clear_selection\n -> highlight\n -> invert_screen\n -> do_update_region\n -> fbcon_putcs\n -> ops->putcs\n\nSince ops->putcs is a NULL pointer, this leads to a kernel panic.\nTo prevent this, we need to call set_blitting_type() within set_con2fb_map()\nto properly initialize ops->putcs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50048", url: "https://www.suse.com/security/cve/CVE-2024-50048", }, { category: "external", summary: "SUSE Bug 1232310 for CVE-2024-50048", url: "https://bugzilla.suse.com/1232310", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50048", }, { cve: "CVE-2024-50049", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50049", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointer before dereferencing se\n\n[WHAT & HOW]\nse is null checked previously in the same function, indicating\nit might be null; therefore, it must be checked when used again.\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50049", url: "https://www.suse.com/security/cve/CVE-2024-50049", }, { category: "external", summary: "SUSE Bug 1232309 for CVE-2024-50049", url: "https://bugzilla.suse.com/1232309", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50049", }, { cve: "CVE-2024-50055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50055", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: bus: Fix double free in driver API bus_register()\n\nFor bus_register(), any error which happens after kset_register() will\ncause that @priv are freed twice, fixed by setting @priv with NULL after\nthe first free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50055", url: "https://www.suse.com/security/cve/CVE-2024-50055", }, { category: "external", summary: "SUSE Bug 1232329 for CVE-2024-50055", url: "https://bugzilla.suse.com/1232329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50055", }, { cve: "CVE-2024-50056", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50056", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: 'fmtdesc' dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: 'fmtdesc' dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50056", url: "https://www.suse.com/security/cve/CVE-2024-50056", }, { category: "external", summary: "SUSE Bug 1232389 for CVE-2024-50056", url: "https://bugzilla.suse.com/1232389", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50056", }, { cve: "CVE-2024-50057", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50057", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tipd: Free IRQ only if it was requested before\n\nIn polling mode, if no IRQ was requested there is no need to free it.\nCall devm_free_irq() only if client->irq is set. This fixes the warning\ncaused by the tps6598x module removal:\n\nWARNING: CPU: 2 PID: 333 at kernel/irq/devres.c:144 devm_free_irq+0x80/0x8c\n...\n...\nCall trace:\n devm_free_irq+0x80/0x8c\n tps6598x_remove+0x28/0x88 [tps6598x]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x50/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n tps6598x_i2c_driver_exit+0x18/0xc3c [tps6598x]\n __arm64_sys_delete_module+0x184/0x264\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0xc8/0xe8\n do_el0_svc+0x20/0x2c\n el0_svc+0x28/0x98\n el0t_64_sync_handler+0x13c/0x158\n el0t_64_sync+0x190/0x194", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50057", url: "https://www.suse.com/security/cve/CVE-2024-50057", }, { category: "external", summary: "SUSE Bug 1232393 for CVE-2024-50057", url: "https://bugzilla.suse.com/1232393", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50057", }, { cve: "CVE-2024-50058", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50058", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: protect uart_port_dtr_rts() in uart_shutdown() too\n\nCommit af224ca2df29 (serial: core: Prevent unsafe uart port access, part\n3) added few uport == NULL checks. It added one to uart_shutdown(), so\nthe commit assumes, uport can be NULL in there. But right after that\nprotection, there is an unprotected \"uart_port_dtr_rts(uport, false);\"\ncall. That is invoked only if HUPCL is set, so I assume that is the\nreason why we do not see lots of these reports.\n\nOr it cannot be NULL at this point at all for some reason :P.\n\nUntil the above is investigated, stay on the safe side and move this\ndereference to the if too.\n\nI got this inconsistency from Coverity under CID 1585130. Thanks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50058", url: "https://www.suse.com/security/cve/CVE-2024-50058", }, { category: "external", summary: "SUSE Bug 1232285 for CVE-2024-50058", url: "https://bugzilla.suse.com/1232285", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50058", }, { cve: "CVE-2024-50059", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50059", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition\n\nIn the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev\nfunction, then &sndev->check_link_status_work is bound with\ncheck_link_status_work. switchtec_ntb_link_notification may be called\nto start the work.\n\nIf we remove the module which will call switchtec_ntb_remove to make\ncleanup, it will free sndev through kfree(sndev), while the work\nmentioned above will be used. The sequence of operations that may lead\nto a UAF bug is as follows:\n\nCPU0 CPU1\n\n | check_link_status_work\nswitchtec_ntb_remove |\nkfree(sndev); |\n | if (sndev->link_force_down)\n | // use sndev\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in switchtec_ntb_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50059", url: "https://www.suse.com/security/cve/CVE-2024-50059", }, { category: "external", summary: "SUSE Bug 1232345 for CVE-2024-50059", url: "https://bugzilla.suse.com/1232345", }, { category: "external", summary: "SUSE Bug 1232348 for CVE-2024-50059", url: "https://bugzilla.suse.com/1232348", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50059", }, { cve: "CVE-2024-50060", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50060", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check if we need to reschedule during overflow flush\n\nIn terms of normal application usage, this list will always be empty.\nAnd if an application does overflow a bit, it'll have a few entries.\nHowever, nothing obviously prevents syzbot from running a test case\nthat generates a ton of overflow entries, and then flushing them can\ntake quite a while.\n\nCheck for needing to reschedule while flushing, and drop our locks and\ndo so if necessary. There's no state to maintain here as overflows\nalways prune from head-of-list, hence it's fine to drop and reacquire\nthe locks at the end of the loop.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50060", url: "https://www.suse.com/security/cve/CVE-2024-50060", }, { category: "external", summary: "SUSE Bug 1232417 for CVE-2024-50060", url: "https://bugzilla.suse.com/1232417", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-50060", }, { cve: "CVE-2024-50061", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50061", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition\n\nIn the cdns_i3c_master_probe function, &master->hj_work is bound with\ncdns_i3c_master_hj. And cdns_i3c_master_interrupt can call\ncnds_i3c_master_demux_ibis function to start the work.\n\nIf we remove the module which will call cdns_i3c_master_remove to\nmake cleanup, it will free master->base through i3c_master_unregister\nwhile the work mentioned above will be used. The sequence of operations\nthat may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | cdns_i3c_master_hj\ncdns_i3c_master_remove |\ni3c_master_unregister(&master->base) |\ndevice_unregister(&master->dev) |\ndevice_release |\n//free master->base |\n | i3c_master_do_daa(&master->base)\n | //use master->base\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in cdns_i3c_master_remove.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50061", url: "https://www.suse.com/security/cve/CVE-2024-50061", }, { category: "external", summary: "SUSE Bug 1232263 for CVE-2024-50061", url: "https://bugzilla.suse.com/1232263", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50061", }, { cve: "CVE-2024-50062", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50062", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs-srv: Avoid null pointer deref during path establishment\n\nFor RTRS path establishment, RTRS client initiates and completes con_num\nof connections. After establishing all its connections, the information\nis exchanged between the client and server through the info_req message.\nDuring this exchange, it is essential that all connections have been\nestablished, and the state of the RTRS srv path is CONNECTED.\n\nSo add these sanity checks, to make sure we detect and abort process in\nerror scenarios to avoid null pointer deref.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50062", url: "https://www.suse.com/security/cve/CVE-2024-50062", }, { category: "external", summary: "SUSE Bug 1232232 for CVE-2024-50062", url: "https://bugzilla.suse.com/1232232", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50062", }, { cve: "CVE-2024-50063", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50063", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tail call between progs attached to different hooks\n\nbpf progs can be attached to kernel functions, and the attached functions\ncan take different parameters or return different return values. If\nprog attached to one kernel function tail calls prog attached to another\nkernel function, the ctx access or return value verification could be\nbypassed.\n\nFor example, if prog1 is attached to func1 which takes only 1 parameter\nand prog2 is attached to func2 which takes two parameters. Since verifier\nassumes the bpf ctx passed to prog2 is constructed based on func2's\nprototype, verifier allows prog2 to access the second parameter from\nthe bpf ctx passed to it. The problem is that verifier does not prevent\nprog1 from passing its bpf ctx to prog2 via tail call. In this case,\nthe bpf ctx passed to prog2 is constructed from func1 instead of func2,\nthat is, the assumption for ctx access verification is bypassed.\n\nAnother example, if BPF LSM prog1 is attached to hook file_alloc_security,\nand BPF LSM prog2 is attached to hook bpf_lsm_audit_rule_known. Verifier\nknows the return value rules for these two hooks, e.g. it is legal for\nbpf_lsm_audit_rule_known to return positive number 1, and it is illegal\nfor file_alloc_security to return positive number. So verifier allows\nprog2 to return positive number 1, but does not allow prog1 to return\npositive number. The problem is that verifier does not prevent prog1\nfrom calling prog2 via tail call. In this case, prog2's return value 1\nwill be used as the return value for prog1's hook file_alloc_security.\nThat is, the return value rule is bypassed.\n\nThis patch adds restriction for tail call to prevent such bypasses.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50063", url: "https://www.suse.com/security/cve/CVE-2024-50063", }, { category: "external", summary: "SUSE Bug 1232435 for CVE-2024-50063", url: "https://bugzilla.suse.com/1232435", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50063", }, { cve: "CVE-2024-50064", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50064", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: free secondary algorithms names\n\nWe need to kfree() secondary algorithms names when reset zram device that\nhad multi-streams, otherwise we leak memory.\n\n[senozhatsky@chromium.org: kfree(NULL) is legal]\n Link: https://lkml.kernel.org/r/20240917013021.868769-1-senozhatsky@chromium.org", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50064", url: "https://www.suse.com/security/cve/CVE-2024-50064", }, { category: "external", summary: "SUSE Bug 1231901 for CVE-2024-50064", url: "https://bugzilla.suse.com/1231901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50064", }, { cve: "CVE-2024-50065", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50065", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: Change to non-blocking allocation in ntfs_d_hash\n\nd_hash is done while under \"rcu-walk\" and should not sleep.\n__get_name() allocates using GFP_KERNEL, having the possibility\nto sleep when under memory pressure. Change the allocation to\nGFP_NOWAIT.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50065", url: "https://www.suse.com/security/cve/CVE-2024-50065", }, { category: "external", summary: "SUSE Bug 1231899 for CVE-2024-50065", url: "https://bugzilla.suse.com/1231899", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50065", }, { cve: "CVE-2024-50066", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50066", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mremap: fix move_normal_pmd/retract_page_tables race\n\nIn mremap(), move_page_tables() looks at the type of the PMD entry and the\nspecified address range to figure out by which method the next chunk of\npage table entries should be moved.\n\nAt that point, the mmap_lock is held in write mode, but no rmap locks are\nheld yet. For PMD entries that point to page tables and are fully covered\nby the source address range, move_pgt_entry(NORMAL_PMD, ...) is called,\nwhich first takes rmap locks, then does move_normal_pmd(). \nmove_normal_pmd() takes the necessary page table locks at source and\ndestination, then moves an entire page table from the source to the\ndestination.\n\nThe problem is: The rmap locks, which protect against concurrent page\ntable removal by retract_page_tables() in the THP code, are only taken\nafter the PMD entry has been read and it has been decided how to move it. \nSo we can race as follows (with two processes that have mappings of the\nsame tmpfs file that is stored on a tmpfs mount with huge=advise); note\nthat process A accesses page tables through the MM while process B does it\nthrough the file rmap:\n\nprocess A process B\n========= =========\nmremap\n mremap_to\n move_vma\n move_page_tables\n get_old_pmd\n alloc_new_pmd\n *** PREEMPT ***\n madvise(MADV_COLLAPSE)\n do_madvise\n madvise_walk_vmas\n madvise_vma_behavior\n madvise_collapse\n hpage_collapse_scan_file\n collapse_file\n retract_page_tables\n i_mmap_lock_read(mapping)\n pmdp_collapse_flush\n i_mmap_unlock_read(mapping)\n move_pgt_entry(NORMAL_PMD, ...)\n take_rmap_locks\n move_normal_pmd\n drop_rmap_locks\n\nWhen this happens, move_normal_pmd() can end up creating bogus PMD entries\nin the line `pmd_populate(mm, new_pmd, pmd_pgtable(pmd))`. The effect\ndepends on arch-specific and machine-specific details; on x86, you can end\nup with physical page 0 mapped as a page table, which is likely\nexploitable for user->kernel privilege escalation.\n\nFix the race by letting process B recheck that the PMD still points to a\npage table after the rmap locks have been taken. Otherwise, we bail and\nlet the caller fall back to the PTE-level copying path, which will then\nbail immediately at the pmd_none() check.\n\nBug reachability: Reaching this bug requires that you can create\nshmem/file THP mappings - anonymous THP uses different code that doesn't\nzap stuff under rmap locks. File THP is gated on an experimental config\nflag (CONFIG_READ_ONLY_THP_FOR_FS), so on normal distro kernels you need\nshmem THP to hit this bug. As far as I know, getting shmem THP normally\nrequires that you can mount your own tmpfs with the right mount flags,\nwhich would require creating your own user+mount namespace; though I don't\nknow if some distros maybe enable shmem THP by default or something like\nthat.\n\nBug impact: This issue can likely be used for user->kernel privilege\nescalation when it is reachable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50066", url: "https://www.suse.com/security/cve/CVE-2024-50066", }, { category: "external", summary: "SUSE Bug 1232078 for CVE-2024-50066", url: "https://bugzilla.suse.com/1232078", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50066", }, { cve: "CVE-2024-50067", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50067", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobe: avoid out-of-bounds memory access of fetching args\n\nUprobe needs to fetch args into a percpu buffer, and then copy to ring\nbuffer to avoid non-atomic context problem.\n\nSometimes user-space strings, arrays can be very large, but the size of\npercpu buffer is only page size. And store_trace_args() won't check\nwhether these data exceeds a single page or not, caused out-of-bounds\nmemory access.\n\nIt could be reproduced by following steps:\n1. build kernel with CONFIG_KASAN enabled\n2. save follow program as test.c\n\n```\n\\#include <stdio.h>\n\\#include <stdlib.h>\n\\#include <string.h>\n\n// If string length large than MAX_STRING_SIZE, the fetch_store_strlen()\n// will return 0, cause __get_data_size() return shorter size, and\n// store_trace_args() will not trigger out-of-bounds access.\n// So make string length less than 4096.\n\\#define STRLEN 4093\n\nvoid generate_string(char *str, int n)\n{\n int i;\n for (i = 0; i < n; ++i)\n {\n char c = i % 26 + 'a';\n str[i] = c;\n }\n str[n-1] = '\\0';\n}\n\nvoid print_string(char *str)\n{\n printf(\"%s\\n\", str);\n}\n\nint main()\n{\n char tmp[STRLEN];\n\n generate_string(tmp, STRLEN);\n print_string(tmp);\n\n return 0;\n}\n```\n3. compile program\n`gcc -o test test.c`\n\n4. get the offset of `print_string()`\n```\nobjdump -t test | grep -w print_string\n0000000000401199 g F .text 000000000000001b print_string\n```\n\n5. configure uprobe with offset 0x1199\n```\noff=0x1199\n\ncd /sys/kernel/debug/tracing/\necho \"p /root/test:${off} arg1=+0(%di):ustring arg2=\\$comm arg3=+0(%di):ustring\"\n > uprobe_events\necho 1 > events/uprobes/enable\necho 1 > tracing_on\n```\n\n6. run `test`, and kasan will report error.\n==================================================================\nBUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0\nWrite of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18\nHardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014\nCall Trace:\n <TASK>\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x27/0x310\n kasan_report+0x10f/0x120\n ? strncpy_from_user+0x1d6/0x1f0\n strncpy_from_user+0x1d6/0x1f0\n ? rmqueue.constprop.0+0x70d/0x2ad0\n process_fetch_insn+0xb26/0x1470\n ? __pfx_process_fetch_insn+0x10/0x10\n ? _raw_spin_lock+0x85/0xe0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __pte_offset_map+0x1f/0x2d0\n ? unwind_next_frame+0xc5f/0x1f80\n ? arch_stack_walk+0x68/0xf0\n ? is_bpf_text_address+0x23/0x30\n ? kernel_text_address.part.0+0xbb/0xd0\n ? __kernel_text_address+0x66/0xb0\n ? unwind_get_return_address+0x5e/0xa0\n ? __pfx_stack_trace_consume_entry+0x10/0x10\n ? arch_stack_walk+0xa2/0xf0\n ? _raw_spin_lock_irqsave+0x8b/0xf0\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? depot_alloc_stack+0x4c/0x1f0\n ? _raw_spin_unlock_irqrestore+0xe/0x30\n ? stack_depot_save_flags+0x35d/0x4f0\n ? kasan_save_stack+0x34/0x50\n ? kasan_save_stack+0x24/0x50\n ? mutex_lock+0x91/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n prepare_uprobe_buffer.part.0+0x2cd/0x500\n uprobe_dispatcher+0x2c3/0x6a0\n ? __pfx_uprobe_dispatcher+0x10/0x10\n ? __kasan_slab_alloc+0x4d/0x90\n handler_chain+0xdd/0x3e0\n handle_swbp+0x26e/0x3d0\n ? __pfx_handle_swbp+0x10/0x10\n ? uprobe_pre_sstep_notifier+0x151/0x1b0\n irqentry_exit_to_user_mode+0xe2/0x1b0\n asm_exc_int3+0x39/0x40\nRIP: 0033:0x401199\nCode: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce\nRSP: 002b:00007ffdf00576a8 EFLAGS: 00000206\nRAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2\nRDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0\nRBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20\nR10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040\nR13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000\n </TASK>\n\nThis commit enforces the buffer's maxlen less than a page-size to avoid\nstore_trace_args() out-of-memory access.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50067", url: "https://www.suse.com/security/cve/CVE-2024-50067", }, { category: "external", summary: "SUSE Bug 1232416 for CVE-2024-50067", url: "https://bugzilla.suse.com/1232416", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50067", }, { cve: "CVE-2024-50068", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50068", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets()\n\nThe sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not\nfreed in damon_sysfs_test_add_targets(), which cause the following memory\nleak, free it to fix it.\n\n\tunreferenced object 0xffffff80c2a8db80 (size 96):\n\t comm \"kunit_try_catch\", pid 187, jiffies 4294894363\n\t hex dump (first 32 bytes):\n\t 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n\t 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n\t backtrace (crc 0):\n\t [<0000000001e3714d>] kmemleak_alloc+0x34/0x40\n\t [<000000008e6835c1>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000001286d9f8>] damon_sysfs_test_add_targets+0x1cc/0x738\n\t [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000adf936cf>] kthread+0x2e8/0x374\n\t [<0000000041bb1628>] ret_from_fork+0x10/0x20", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50068", url: "https://www.suse.com/security/cve/CVE-2024-50068", }, { category: "external", summary: "SUSE Bug 1232512 for CVE-2024-50068", url: "https://bugzilla.suse.com/1232512", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50068", }, { cve: "CVE-2024-50069", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50069", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: apple: check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this returned\nvalue is not checked. Fix this lack and check the returned value.\n\nFound by code review.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50069", url: "https://www.suse.com/security/cve/CVE-2024-50069", }, { category: "external", summary: "SUSE Bug 1232511 for CVE-2024-50069", url: "https://bugzilla.suse.com/1232511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50069", }, { cve: "CVE-2024-50070", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50070", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: stm32: check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this returned\nvalue is not checked. Fix this lack and check the returned value.\n\nFound by code review.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50070", url: "https://www.suse.com/security/cve/CVE-2024-50070", }, { category: "external", summary: "SUSE Bug 1232510 for CVE-2024-50070", url: "https://bugzilla.suse.com/1232510", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50070", }, { cve: "CVE-2024-50071", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50071", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()\n\n'new_map' is allocated using devm_* which takes care of freeing the\nallocated data on device removal, call to\n\n\t.dt_free_map = pinconf_generic_dt_free_map\n\ndouble frees the map as pinconf_generic_dt_free_map() calls\npinctrl_utils_free_map().\n\nFix this by using kcalloc() instead of auto-managed devm_kcalloc().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50071", url: "https://www.suse.com/security/cve/CVE-2024-50071", }, { category: "external", summary: "SUSE Bug 1232509 for CVE-2024-50071", url: "https://bugzilla.suse.com/1232509", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50071", }, { cve: "CVE-2024-50072", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50072", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/bugs: Use code segment selector for VERW operand\n\nRobert Gill reported below #GP in 32-bit mode when dosemu software was\nexecuting vm86() system call:\n\n general protection fault: 0000 [#1] PREEMPT SMP\n CPU: 4 PID: 4610 Comm: dosemu.bin Not tainted 6.6.21-gentoo-x86 #1\n Hardware name: Dell Inc. PowerEdge 1950/0H723K, BIOS 2.7.0 10/30/2010\n EIP: restore_all_switch_stack+0xbe/0xcf\n EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 00000000\n ESI: 00000000 EDI: 00000000 EBP: 00000000 ESP: ff8affdc\n DS: 0000 ES: 0000 FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010046\n CR0: 80050033 CR2: 00c2101c CR3: 04b6d000 CR4: 000406d0\n Call Trace:\n show_regs+0x70/0x78\n die_addr+0x29/0x70\n exc_general_protection+0x13c/0x348\n exc_bounds+0x98/0x98\n handle_exception+0x14d/0x14d\n exc_bounds+0x98/0x98\n restore_all_switch_stack+0xbe/0xcf\n exc_bounds+0x98/0x98\n restore_all_switch_stack+0xbe/0xcf\n\nThis only happens in 32-bit mode when VERW based mitigations like MDS/RFDS\nare enabled. This is because segment registers with an arbitrary user value\ncan result in #GP when executing VERW. Intel SDM vol. 2C documents the\nfollowing behavior for VERW instruction:\n\n #GP(0) - If a memory operand effective address is outside the CS, DS, ES,\n\t FS, or GS segment limit.\n\nCLEAR_CPU_BUFFERS macro executes VERW instruction before returning to user\nspace. Use %cs selector to reference VERW operand. This ensures VERW will\nnot #GP for an arbitrary user %ds.\n\n[ mingo: Fixed the SOB chain. ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50072", url: "https://www.suse.com/security/cve/CVE-2024-50072", }, { category: "external", summary: "SUSE Bug 1232513 for CVE-2024-50072", url: "https://bugzilla.suse.com/1232513", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50072", }, { cve: "CVE-2024-50073", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50073", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n <TASK>\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50073", url: "https://www.suse.com/security/cve/CVE-2024-50073", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-50073", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232520 for CVE-2024-50073", url: "https://bugzilla.suse.com/1232520", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50073", }, { cve: "CVE-2024-50074", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50074", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nparport: Proper fix for array out-of-bounds access\n\nThe recent fix for array out-of-bounds accesses replaced sprintf()\ncalls blindly with snprintf(). However, since snprintf() returns the\nwould-be-printed size, not the actually output size, the length\ncalculation can still go over the given limit.\n\nUse scnprintf() instead of snprintf(), which returns the actually\noutput letters, for addressing the potential out-of-bounds access\nproperly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50074", url: "https://www.suse.com/security/cve/CVE-2024-50074", }, { category: "external", summary: "SUSE Bug 1232507 for CVE-2024-50074", url: "https://bugzilla.suse.com/1232507", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50074", }, { cve: "CVE-2024-50075", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50075", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: tegra: fix checked USB2 port number\n\nIf USB virtualizatoin is enabled, USB2 ports are shared between all\nVirtual Functions. The USB2 port number owned by an USB2 root hub in\na Virtual Function may be less than total USB2 phy number supported\nby the Tegra XUSB controller.\n\nUsing total USB2 phy number as port number to check all PORTSC values\nwould cause invalid memory access.\n\n[ 116.923438] Unable to handle kernel paging request at virtual address 006c622f7665642f\n...\n[ 117.213640] Call trace:\n[ 117.216783] tegra_xusb_enter_elpg+0x23c/0x658\n[ 117.222021] tegra_xusb_runtime_suspend+0x40/0x68\n[ 117.227260] pm_generic_runtime_suspend+0x30/0x50\n[ 117.232847] __rpm_callback+0x84/0x3c0\n[ 117.237038] rpm_suspend+0x2dc/0x740\n[ 117.241229] pm_runtime_work+0xa0/0xb8\n[ 117.245769] process_scheduled_works+0x24c/0x478\n[ 117.251007] worker_thread+0x23c/0x328\n[ 117.255547] kthread+0x104/0x1b0\n[ 117.259389] ret_from_fork+0x10/0x20\n[ 117.263582] Code: 54000222 f9461ae8 f8747908 b4ffff48 (f9400100)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50075", url: "https://www.suse.com/security/cve/CVE-2024-50075", }, { category: "external", summary: "SUSE Bug 1232506 for CVE-2024-50075", url: "https://bugzilla.suse.com/1232506", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50075", }, { cve: "CVE-2024-50076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50076", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: prevent kernel-infoleak in con_font_get()\n\nfont.data may not initialize all memory spaces depending on the implementation\nof vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it\nis safest to modify it to initialize the allocated memory space to 0, and it\ngenerally does not affect the overall performance of the system.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50076", url: "https://www.suse.com/security/cve/CVE-2024-50076", }, { category: "external", summary: "SUSE Bug 1232505 for CVE-2024-50076", url: "https://bugzilla.suse.com/1232505", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50076", }, { cve: "CVE-2024-50077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50077", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix multiple init when debugfs is disabled\n\nIf bt_debugfs is not created successfully, which happens if either\nCONFIG_DEBUG_FS or CONFIG_DEBUG_FS_ALLOW_ALL is unset, then iso_init()\nreturns early and does not set iso_inited to true. This means that a\nsubsequent call to iso_init() will result in duplicate calls to\nproto_register(), bt_sock_register(), etc.\n\nWith CONFIG_LIST_HARDENED and CONFIG_BUG_ON_DATA_CORRUPTION enabled, the\nduplicate call to proto_register() triggers this BUG():\n\n list_add double add: new=ffffffffc0b280d0, prev=ffffffffbab56250,\n next=ffffffffc0b280d0.\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:35!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 2 PID: 887 Comm: bluetoothd Not tainted 6.10.11-1-ao-desktop #1\n RIP: 0010:__list_add_valid_or_report+0x9a/0xa0\n ...\n __list_add_valid_or_report+0x9a/0xa0\n proto_register+0x2b5/0x340\n iso_init+0x23/0x150 [bluetooth]\n set_iso_socket_func+0x68/0x1b0 [bluetooth]\n kmem_cache_free+0x308/0x330\n hci_sock_sendmsg+0x990/0x9e0 [bluetooth]\n __sock_sendmsg+0x7b/0x80\n sock_write_iter+0x9a/0x110\n do_iter_readv_writev+0x11d/0x220\n vfs_writev+0x180/0x3e0\n do_writev+0xca/0x100\n ...\n\nThis change removes the early return. The check for iso_debugfs being\nNULL was unnecessary, it is always NULL when iso_inited is false.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50077", url: "https://www.suse.com/security/cve/CVE-2024-50077", }, { category: "external", summary: "SUSE Bug 1232504 for CVE-2024-50077", url: "https://bugzilla.suse.com/1232504", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50077", }, { cve: "CVE-2024-50078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50078", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Call iso_exit() on module unload\n\nIf iso_init() has been called, iso_exit() must be called on module\nunload. Without that, the struct proto that iso_init() registered with\nproto_register() becomes invalid, which could cause unpredictable\nproblems later. In my case, with CONFIG_LIST_HARDENED and\nCONFIG_BUG_ON_DATA_CORRUPTION enabled, loading the module again usually\ntriggers this BUG():\n\n list_add corruption. next->prev should be prev (ffffffffb5355fd0),\n but was 0000000000000068. (next=ffffffffc0a010d0).\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:29!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 4159 Comm: modprobe Not tainted 6.10.11-4+bt2-ao-desktop #1\n RIP: 0010:__list_add_valid_or_report+0x61/0xa0\n ...\n __list_add_valid_or_report+0x61/0xa0\n proto_register+0x299/0x320\n hci_sock_init+0x16/0xc0 [bluetooth]\n bt_init+0x68/0xd0 [bluetooth]\n __pfx_bt_init+0x10/0x10 [bluetooth]\n do_one_initcall+0x80/0x2f0\n do_init_module+0x8b/0x230\n __do_sys_init_module+0x15f/0x190\n do_syscall_64+0x68/0x110\n ...", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50078", url: "https://www.suse.com/security/cve/CVE-2024-50078", }, { category: "external", summary: "SUSE Bug 1232503 for CVE-2024-50078", url: "https://bugzilla.suse.com/1232503", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50078", }, { cve: "CVE-2024-50079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50079", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work\n\nWhen the sqpoll is exiting and cancels pending work items, it may need\nto run task_work. If this happens from within io_uring_cancel_generic(),\nthen it may be under waiting for the io_uring_task waitqueue. This\nresults in the below splat from the scheduler, as the ring mutex may be\nattempted grabbed while in a TASK_INTERRUPTIBLE state.\n\nEnsure that the task state is set appropriately for that, just like what\nis done for the other cases in io_run_task_work().\n\ndo not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000029387fd2>] prepare_to_wait+0x88/0x2fc\nWARNING: CPU: 6 PID: 59939 at kernel/sched/core.c:8561 __might_sleep+0xf4/0x140\nModules linked in:\nCPU: 6 UID: 0 PID: 59939 Comm: iou-sqp-59938 Not tainted 6.12.0-rc3-00113-g8d020023b155 #7456\nHardware name: linux,dummy-virt (DT)\npstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\npc : __might_sleep+0xf4/0x140\nlr : __might_sleep+0xf4/0x140\nsp : ffff80008c5e7830\nx29: ffff80008c5e7830 x28: ffff0000d93088c0 x27: ffff60001c2d7230\nx26: dfff800000000000 x25: ffff0000e16b9180 x24: ffff80008c5e7a50\nx23: 1ffff000118bcf4a x22: ffff0000e16b9180 x21: ffff0000e16b9180\nx20: 000000000000011b x19: ffff80008310fac0 x18: 1ffff000118bcd90\nx17: 30303c5b20746120 x16: 74657320313d6574 x15: 0720072007200720\nx14: 0720072007200720 x13: 0720072007200720 x12: ffff600036c64f0b\nx11: 1fffe00036c64f0a x10: ffff600036c64f0a x9 : dfff800000000000\nx8 : 00009fffc939b0f6 x7 : ffff0001b6327853 x6 : 0000000000000001\nx5 : ffff0001b6327850 x4 : ffff600036c64f0b x3 : ffff8000803c35bc\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000e16b9180\nCall trace:\n __might_sleep+0xf4/0x140\n mutex_lock+0x84/0x124\n io_handle_tw_list+0xf4/0x260\n tctx_task_work_run+0x94/0x340\n io_run_task_work+0x1ec/0x3c0\n io_uring_cancel_generic+0x364/0x524\n io_sq_thread+0x820/0x124c\n ret_from_fork+0x10/0x20", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50079", url: "https://www.suse.com/security/cve/CVE-2024-50079", }, { category: "external", summary: "SUSE Bug 1232495 for CVE-2024-50079", url: "https://bugzilla.suse.com/1232495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50079", }, { cve: "CVE-2024-50080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50080", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nublk: don't allow user copy for unprivileged device\n\nUBLK_F_USER_COPY requires userspace to call write() on ublk char\ndevice for filling request buffer, and unprivileged device can't\nbe trusted.\n\nSo don't allow user copy for unprivileged device.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50080", url: "https://www.suse.com/security/cve/CVE-2024-50080", }, { category: "external", summary: "SUSE Bug 1232502 for CVE-2024-50080", url: "https://bugzilla.suse.com/1232502", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50080", }, { cve: "CVE-2024-50081", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50081", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: setup queue ->tag_set before initializing hctx\n\nCommit 7b815817aa58 (\"blk-mq: add helper for checking if one CPU is mapped to specified hctx\")\nneeds to check queue mapping via tag set in hctx's cpuhp handler.\n\nHowever, q->tag_set may not be setup yet when the cpuhp handler is\nenabled, then kernel oops is triggered.\n\nFix the issue by setup queue tag_set before initializing hctx.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50081", url: "https://www.suse.com/security/cve/CVE-2024-50081", }, { category: "external", summary: "SUSE Bug 1232501 for CVE-2024-50081", url: "https://bugzilla.suse.com/1232501", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50081", }, { cve: "CVE-2024-50082", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50082", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race\n\nWe're seeing crashes from rq_qos_wake_function that look like this:\n\n BUG: unable to handle page fault for address: ffffafe180a40084\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0\n Oops: Oops: 0002 [#1] PREEMPT SMP PTI\n CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40\n Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 9c 41 5c fa 65 ff 05 62 97 30 4c 31 c0 ba 01 00 00 00 <f0> 0f b1 17 75 0a 4c 89 e0 41 5c c3 cc cc cc cc 89 c6 e8 2c 0b 00\n RSP: 0018:ffffafe180580ca0 EFLAGS: 00010046\n RAX: 0000000000000000 RBX: ffffafe180a3f7a8 RCX: 0000000000000011\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffafe180a40084\n RBP: 0000000000000000 R08: 00000000001e7240 R09: 0000000000000011\n R10: 0000000000000028 R11: 0000000000000888 R12: 0000000000000002\n R13: ffffafe180a40084 R14: 0000000000000000 R15: 0000000000000003\n FS: 0000000000000000(0000) GS:ffff9aaf1f280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffafe180a40084 CR3: 000000010e428002 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n <IRQ>\n try_to_wake_up+0x5a/0x6a0\n rq_qos_wake_function+0x71/0x80\n __wake_up_common+0x75/0xa0\n __wake_up+0x36/0x60\n scale_up.part.0+0x50/0x110\n wb_timer_fn+0x227/0x450\n ...\n\nSo rq_qos_wake_function() calls wake_up_process(data->task), which calls\ntry_to_wake_up(), which faults in raw_spin_lock_irqsave(&p->pi_lock).\n\np comes from data->task, and data comes from the waitqueue entry, which\nis stored on the waiter's stack in rq_qos_wait(). Analyzing the core\ndump with drgn, I found that the waiter had already woken up and moved\non to a completely unrelated code path, clobbering what was previously\ndata->task. Meanwhile, the waker was passing the clobbered garbage in\ndata->task to wake_up_process(), leading to the crash.\n\nWhat's happening is that in between rq_qos_wake_function() deleting the\nwaitqueue entry and calling wake_up_process(), rq_qos_wait() is finding\nthat it already got a token and returning. The race looks like this:\n\nrq_qos_wait() rq_qos_wake_function()\n==============================================================\nprepare_to_wait_exclusive()\n data->got_token = true;\n list_del_init(&curr->entry);\nif (data.got_token)\n break;\nfinish_wait(&rqw->wait, &data.wq);\n ^- returns immediately because\n list_empty_careful(&wq_entry->entry)\n is true\n... return, go do something else ...\n wake_up_process(data->task)\n (NO LONGER VALID!)-^\n\nNormally, finish_wait() is supposed to synchronize against the waker.\nBut, as noted above, it is returning immediately because the waitqueue\nentry has already been removed from the waitqueue.\n\nThe bug is that rq_qos_wake_function() is accessing the waitqueue entry\nAFTER deleting it. Note that autoremove_wake_function() wakes the waiter\nand THEN deletes the waitqueue entry, which is the proper order.\n\nFix it by swapping the order. We also need to use\nlist_del_init_careful() to match the list_empty_careful() in\nfinish_wait().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50082", url: "https://www.suse.com/security/cve/CVE-2024-50082", }, { category: "external", summary: "SUSE Bug 1232500 for CVE-2024-50082", url: "https://bugzilla.suse.com/1232500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50082", }, { cve: "CVE-2024-50083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50083", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix mptcp DSS corruption due to large pmtu xmit\n\nSyzkaller was able to trigger a DSS corruption:\n\n TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Modules linked in:\n CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 <0f> 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff\n RSP: 0018:ffffc90000006db8 EFLAGS: 00010246\n RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00\n RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0\n RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8\n R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000\n R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5\n FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <IRQ>\n move_skbs_to_msk net/mptcp/protocol.c:811 [inline]\n mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854\n subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490\n tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283\n tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5662 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6107\n __napi_poll+0xcb/0x490 net/core/dev.c:6771\n napi_poll net/core/dev.c:6840 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6962\n handle_softirqs+0x2c5/0x980 kernel/softirq.c:554\n do_softirq+0x11b/0x1e0 kernel/softirq.c:455\n </IRQ>\n <TASK>\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451\n dev_queue_xmit include/linux/netdevice.h:3094 [inline]\n neigh_hh_output include/net/neighbour.h:526 [inline]\n neigh_output include/net/neighbour.h:540 [inline]\n ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536\n __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline]\n tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752\n __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015\n tcp_push_pending_frames include/net/tcp.h:2107 [inline]\n tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline]\n tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n sk_backlog_rcv include/net/sock.h:1113 [inline]\n __release_sock+0x214/0x350 net/core/sock.c:3072\n release_sock+0x61/0x1f0 net/core/sock.c:3626\n mptcp_push_\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50083", url: "https://www.suse.com/security/cve/CVE-2024-50083", }, { category: "external", summary: "SUSE Bug 1232493 for CVE-2024-50083", url: "https://bugzilla.suse.com/1232493", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50083", }, { cve: "CVE-2024-50084", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50084", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()\n\nCommit a3c1e45156ad (\"net: microchip: vcap: Fix use-after-free error in\nkunit test\") fixed the use-after-free error, but introduced below\nmemory leaks by removing necessary vcap_free_rule(), add it to fix it.\n\n\tunreferenced object 0xffffff80ca58b700 (size 192):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898264\n\t hex dump (first 32 bytes):\n\t 00 12 7a 00 05 00 00 00 0a 00 00 00 64 00 00 00 ..z.........d...\n\t 00 00 00 00 00 00 00 00 00 04 0b cc 80 ff ff ff ................\n\t backtrace (crc 9c09c3fe):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<0000000040a01b8d>] vcap_alloc_rule+0x3cc/0x9c4\n\t [<000000003fe86110>] vcap_api_encode_rule_test+0x1ac/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0400 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898265\n\t hex dump (first 32 bytes):\n\t 80 04 0b cc 80 ff ff ff 18 b7 58 ca 80 ff ff ff ..........X.....\n\t 39 00 00 00 02 00 00 00 06 05 04 03 02 01 ff ff 9...............\n\t backtrace (crc daf014e9):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528\n\t [<00000000dfdb1e81>] vcap_api_encode_rule_test+0x224/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0700 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898265\n\t hex dump (first 32 bytes):\n\t 80 07 0b cc 80 ff ff ff 28 b7 58 ca 80 ff ff ff ........(.X.....\n\t 3c 00 00 00 00 00 00 00 01 2f 03 b3 ec ff ff ff <......../......\n\t backtrace (crc 8d877792):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000006eadfab7>] vcap_rule_add_action+0x2d0/0x52c\n\t [<00000000323475d1>] vcap_api_encode_rule_test+0x4d4/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0900 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898266\n\t hex dump (first 32 bytes):\n\t 80 09 0b cc 80 ff ff ff 80 06 0b cc 80 ff ff ff ................\n\t 7d 00 00 00 01 00 00 00 00 00 00 00 ff 00 00 00 }...............\n\t backtrace (crc 34181e56):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528\n\t [<00000000991e3564>] vcap_val_rule+0xcf0/0x13e8\n\t [<00000000fc9868e5>] vcap_api_encode_rule_test+0x678/0x16b0\n\t [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac\n\t [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000c5d82c9a>] kthread+0x2e8/0x374\n\t [<00000000f4287308>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cc0b0980 (size 64):\n\t comm \"kunit_try_catch\", pid 1215, jiffies 4294898266\n\t hex dump (first 32 bytes):\n\t 18 b7 58 ca 80 ff ff ff 00 09 0b cc 80 ff ff ff ..X.............\n\t 67 00 00 00 00 00 00 00 01 01 74 88 c0 ff ff ff g.........t.....\n\t backtrace (crc 275fd9be):\n\t [<0000000052a0be73>] kmemleak_alloc+0x34/0x40\n\t [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528\n\t [<000000001396a1a2>] test_add_de\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50084", url: "https://www.suse.com/security/cve/CVE-2024-50084", }, { category: "external", summary: "SUSE Bug 1232494 for CVE-2024-50084", url: "https://bugzilla.suse.com/1232494", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50084", }, { cve: "CVE-2024-50085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50085", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow\n\nSyzkaller reported this splat:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662\n\n CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline]\n mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572\n mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg net/socket.c:744 [inline]\n ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661\n __sys_sendmsg+0x117/0x1f0 net/socket.c:2690\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n RIP: 0023:0xf7fe4579\n Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00\n RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172\n RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n </TASK>\n\n Allocated by task 5387:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:878 [inline]\n kzalloc_noprof include/linux/slab.h:1014 [inline]\n subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803\n subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956\n __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline]\n tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167\n mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764\n __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592\n mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642\n mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline]\n mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943\n mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777\n process_one_work+0x958/0x1b30 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/ke\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50085", url: "https://www.suse.com/security/cve/CVE-2024-50085", }, { category: "external", summary: "SUSE Bug 1232508 for CVE-2024-50085", url: "https://bugzilla.suse.com/1232508", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50085", }, { cve: "CVE-2024-50086", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50086", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix user-after-free from session log off\n\nThere is racy issue between smb2 session log off and smb2 session setup.\nIt will cause user-after-free from session log off.\nThis add session_lock when setting SMB2_SESSION_EXPIRED and referece\ncount to session struct not to free session while it is being used.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50086", url: "https://www.suse.com/security/cve/CVE-2024-50086", }, { category: "external", summary: "SUSE Bug 1232521 for CVE-2024-50086", url: "https://bugzilla.suse.com/1232521", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50086", }, { cve: "CVE-2024-50087", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50087", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix uninitialized pointer free on read_alloc_one_name() error\n\nThe function read_alloc_one_name() does not initialize the name field of\nthe passed fscrypt_str struct if kmalloc fails to allocate the\ncorresponding buffer. Thus, it is not guaranteed that\nfscrypt_str.name is initialized when freeing it.\n\nThis is a follow-up to the linked patch that fixes the remaining\ninstances of the bug introduced by commit e43eec81c516 (\"btrfs: use\nstruct qstr instead of name and namelen pairs\").", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50087", url: "https://www.suse.com/security/cve/CVE-2024-50087", }, { category: "external", summary: "SUSE Bug 1232499 for CVE-2024-50087", url: "https://bugzilla.suse.com/1232499", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50087", }, { cve: "CVE-2024-50088", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50088", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix uninitialized pointer free in add_inode_ref()\n\nThe add_inode_ref() function does not initialize the \"name\" struct when\nit is declared. If any of the following calls to \"read_one_inode()\nreturns NULL,\n\n\tdir = read_one_inode(root, parent_objectid);\n\tif (!dir) {\n\t\tret = -ENOENT;\n\t\tgoto out;\n\t}\n\n\tinode = read_one_inode(root, inode_objectid);\n\tif (!inode) {\n\t\tret = -EIO;\n\t\tgoto out;\n\t}\n\nthen \"name.name\" would be freed on \"out\" before being initialized.\n\nout:\n\t...\n\tkfree(name.name);\n\nThis issue was reported by Coverity with CID 1526744.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50088", url: "https://www.suse.com/security/cve/CVE-2024-50088", }, { category: "external", summary: "SUSE Bug 1232498 for CVE-2024-50088", url: "https://bugzilla.suse.com/1232498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50088", }, { cve: "CVE-2024-50089", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50089", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50089", url: "https://www.suse.com/security/cve/CVE-2024-50089", }, { category: "external", summary: "SUSE Bug 1232860 for CVE-2024-50089", url: "https://bugzilla.suse.com/1232860", }, { category: "external", summary: "SUSE Bug 1233250 for CVE-2024-50089", url: "https://bugzilla.suse.com/1233250", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50089", }, { cve: "CVE-2024-50090", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50090", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/oa: Fix overflow in oa batch buffer\n\nBy default xe_bb_create_job() appends a MI_BATCH_BUFFER_END to batch\nbuffer, this is not a problem if batch buffer is only used once but\noa reuses the batch buffer for the same metric and at each call\nit appends a MI_BATCH_BUFFER_END, printing the warning below and then\noverflowing.\n\n[ 381.072016] ------------[ cut here ]------------\n[ 381.072019] xe 0000:00:02.0: [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed!\n platform: LUNARLAKE subplatform: 1\n graphics: Xe2_LPG / Xe2_HPG 20.04 step B0\n media: Xe2_LPM / Xe2_HPM 20.00 step B0\n tile: 0 VRAM 0 B\n GT: 0 type 1\n\nSo here checking if batch buffer already have MI_BATCH_BUFFER_END if\nnot append it.\n\nv2:\n- simply fix, suggestion from Ashutosh\n\n(cherry picked from commit 9ba0e0f30ca42a98af3689460063edfb6315718a)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50090", url: "https://www.suse.com/security/cve/CVE-2024-50090", }, { category: "external", summary: "SUSE Bug 1232862 for CVE-2024-50090", url: "https://bugzilla.suse.com/1232862", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50090", }, { cve: "CVE-2024-50091", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50091", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndm vdo: don't refer to dedupe_context after releasing it\n\nClear the dedupe_context pointer in a data_vio whenever ownership of\nthe context is lost, so that vdo can't examine it accidentally.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50091", url: "https://www.suse.com/security/cve/CVE-2024-50091", }, { category: "external", summary: "SUSE Bug 1232872 for CVE-2024-50091", url: "https://bugzilla.suse.com/1232872", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50091", }, { cve: "CVE-2024-50092", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50092", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: netconsole: fix wrong warning\n\nA warning is triggered when there is insufficient space in the buffer\nfor userdata. However, this is not an issue since userdata will be sent\nin the next iteration.\n\nCurrent warning message:\n\n ------------[ cut here ]------------\n WARNING: CPU: 13 PID: 3013042 at drivers/net/netconsole.c:1122 write_ext_msg+0x3b6/0x3d0\n ? write_ext_msg+0x3b6/0x3d0\n console_flush_all+0x1e9/0x330\n\nThe code incorrectly issues a warning when this_chunk is zero, which is\na valid scenario. The warning should only be triggered when this_chunk\nis negative.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50092", url: "https://www.suse.com/security/cve/CVE-2024-50092", }, { category: "external", summary: "SUSE Bug 1232874 for CVE-2024-50092", url: "https://bugzilla.suse.com/1232874", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50092", }, { cve: "CVE-2024-50093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50093", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: intel: int340x: processor: Fix warning during module unload\n\nThe processor_thermal driver uses pcim_device_enable() to enable a PCI\ndevice, which means the device will be automatically disabled on driver\ndetach. Thus there is no need to call pci_disable_device() again on it.\n\nWith recent PCI device resource management improvements, e.g. commit\nf748a07a0b64 (\"PCI: Remove legacy pcim_release()\"), this problem is\nexposed and triggers the warining below.\n\n [ 224.010735] proc_thermal_pci 0000:00:04.0: disabling already-disabled device\n [ 224.010747] WARNING: CPU: 8 PID: 4442 at drivers/pci/pci.c:2250 pci_disable_device+0xe5/0x100\n ...\n [ 224.010844] Call Trace:\n [ 224.010845] <TASK>\n [ 224.010847] ? show_regs+0x6d/0x80\n [ 224.010851] ? __warn+0x8c/0x140\n [ 224.010854] ? pci_disable_device+0xe5/0x100\n [ 224.010856] ? report_bug+0x1c9/0x1e0\n [ 224.010859] ? handle_bug+0x46/0x80\n [ 224.010862] ? exc_invalid_op+0x1d/0x80\n [ 224.010863] ? asm_exc_invalid_op+0x1f/0x30\n [ 224.010867] ? pci_disable_device+0xe5/0x100\n [ 224.010869] ? pci_disable_device+0xe5/0x100\n [ 224.010871] ? kfree+0x21a/0x2b0\n [ 224.010873] pcim_disable_device+0x20/0x30\n [ 224.010875] devm_action_release+0x16/0x20\n [ 224.010878] release_nodes+0x47/0xc0\n [ 224.010880] devres_release_all+0x9f/0xe0\n [ 224.010883] device_unbind_cleanup+0x12/0x80\n [ 224.010885] device_release_driver_internal+0x1ca/0x210\n [ 224.010887] driver_detach+0x4e/0xa0\n [ 224.010889] bus_remove_driver+0x6f/0xf0\n [ 224.010890] driver_unregister+0x35/0x60\n [ 224.010892] pci_unregister_driver+0x44/0x90\n [ 224.010894] proc_thermal_pci_driver_exit+0x14/0x5f0 [processor_thermal_device_pci]\n ...\n [ 224.010921] ---[ end trace 0000000000000000 ]---\n\nRemove the excess pci_disable_device() calls.\n\n[ rjw: Subject and changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50093", url: "https://www.suse.com/security/cve/CVE-2024-50093", }, { category: "external", summary: "SUSE Bug 1232877 for CVE-2024-50093", url: "https://bugzilla.suse.com/1232877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50093", }, { cve: "CVE-2024-50094", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50094", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: Don't invoke xdp_do_flush() from netpoll.\n\nYury reported a crash in the sfc driver originated from\nnetpoll_send_udp(). The netconsole sends a message and then netpoll\ninvokes the driver's NAPI function with a budget of zero. It is\ndedicated to allow driver to free TX resources, that it may have used\nwhile sending the packet.\n\nIn the netpoll case the driver invokes xdp_do_flush() unconditionally,\nleading to crash because bpf_net_context was never assigned.\n\nInvoke xdp_do_flush() only if budget is not zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50094", url: "https://www.suse.com/security/cve/CVE-2024-50094", }, { category: "external", summary: "SUSE Bug 1232875 for CVE-2024-50094", url: "https://bugzilla.suse.com/1232875", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50094", }, { cve: "CVE-2024-50095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50095", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mad: Improve handling of timed out WRs of mad agent\n\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv\nlock for every timed out WRs. This causes heavy locking contention\nwhen higher no. of WRs are to be handled inside timeout handler.\n\nThis leads to softlockup with below trace in some use cases where\nrdma-cm path is used to establish connection between peer nodes\n\nTrace:\n-----\n BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]\n CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE\n ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1\n Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019\n Workqueue: ib_mad1 timeout_sends [ib_core]\n RIP: 0010:__do_softirq+0x78/0x2ac\n RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246\n RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f\n RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b\n RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000\n R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n <IRQ>\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __irq_exit_rcu+0xa1/0xc0\n ? watchdog_timer_fn+0x1b2/0x210\n ? __pfx_watchdog_timer_fn+0x10/0x10\n ? __hrtimer_run_queues+0x127/0x2c0\n ? hrtimer_interrupt+0xfc/0x210\n ? __sysvec_apic_timer_interrupt+0x5c/0x110\n ? sysvec_apic_timer_interrupt+0x37/0x90\n ? asm_sysvec_apic_timer_interrupt+0x16/0x20\n ? __do_softirq+0x78/0x2ac\n ? __do_softirq+0x60/0x2ac\n __irq_exit_rcu+0xa1/0xc0\n sysvec_call_function_single+0x72/0x90\n </IRQ>\n <TASK>\n asm_sysvec_call_function_single+0x16/0x20\n RIP: 0010:_raw_spin_unlock_irq+0x14/0x30\n RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247\n RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800\n RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c\n RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000\n R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538\n R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c\n cm_process_send_error+0x122/0x1d0 [ib_cm]\n timeout_sends+0x1dd/0x270 [ib_core]\n process_one_work+0x1e2/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n worker_thread+0x50/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n </TASK>\n\nSimplified timeout handler by creating local list of timed out WRs\nand invoke send handler post creating the list. The new method acquires/\nreleases lock once to fetch the list and hence helps to reduce locking\ncontetiong when processing higher no. of WRs", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50095", url: "https://www.suse.com/security/cve/CVE-2024-50095", }, { category: "external", summary: "SUSE Bug 1232873 for CVE-2024-50095", url: "https://bugzilla.suse.com/1232873", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50095", }, { cve: "CVE-2024-50096", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50096", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error\n\nThe `nouveau_dmem_copy_one` function ensures that the copy push command is\nsent to the device firmware but does not track whether it was executed\nsuccessfully.\n\nIn the case of a copy error (e.g., firmware or hardware failure), the\ncopy push command will be sent via the firmware channel, and\n`nouveau_dmem_copy_one` will likely report success, leading to the\n`migrate_to_ram` function returning a dirty HIGH_USER page to the user.\n\nThis can result in a security vulnerability, as a HIGH_USER page that may\ncontain sensitive or corrupted data could be returned to the user.\n\nTo prevent this vulnerability, we allocate a zero page. Thus, in case of\nan error, a non-dirty (zero) page will be returned to the user.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50096", url: "https://www.suse.com/security/cve/CVE-2024-50096", }, { category: "external", summary: "SUSE Bug 1232870 for CVE-2024-50096", url: "https://bugzilla.suse.com/1232870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50096", }, { cve: "CVE-2024-50097", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50097", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: don't save PTP state if PTP is unsupported\n\nSome platforms (such as i.MX25 and i.MX27) do not support PTP, so on\nthese platforms fec_ptp_init() is not called and the related members\nin fep are not initialized. However, fec_ptp_save_state() is called\nunconditionally, which causes the kernel to panic. Therefore, add a\ncondition so that fec_ptp_save_state() is not called if PTP is not\nsupported.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50097", url: "https://www.suse.com/security/cve/CVE-2024-50097", }, { category: "external", summary: "SUSE Bug 1232871 for CVE-2024-50097", url: "https://bugzilla.suse.com/1232871", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50097", }, { cve: "CVE-2024-50098", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50098", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down\n\nThere is a history of deadlock if reboot is performed at the beginning\nof booting. SDEV_QUIESCE was set for all LU's scsi_devices by UFS\nshutdown, and at that time the audio driver was waiting on\nblk_mq_submit_bio() holding a mutex_lock while reading the fw binary.\nAfter that, a deadlock issue occurred while audio driver shutdown was\nwaiting for mutex_unlock of blk_mq_submit_bio(). To solve this, set\nSDEV_OFFLINE for all LUs except WLUN, so that any I/O that comes down\nafter a UFS shutdown will return an error.\n\n[ 31.907781]I[0: swapper/0: 0] 1 130705007 1651079834 11289729804 0 D( 2) 3 ffffff882e208000 * init [device_shutdown]\n[ 31.907793]I[0: swapper/0: 0] Mutex: 0xffffff8849a2b8b0: owner[0xffffff882e28cb00 kworker/6:0 :49]\n[ 31.907806]I[0: swapper/0: 0] Call trace:\n[ 31.907810]I[0: swapper/0: 0] __switch_to+0x174/0x338\n[ 31.907819]I[0: swapper/0: 0] __schedule+0x5ec/0x9cc\n[ 31.907826]I[0: swapper/0: 0] schedule+0x7c/0xe8\n[ 31.907834]I[0: swapper/0: 0] schedule_preempt_disabled+0x24/0x40\n[ 31.907842]I[0: swapper/0: 0] __mutex_lock+0x408/0xdac\n[ 31.907849]I[0: swapper/0: 0] __mutex_lock_slowpath+0x14/0x24\n[ 31.907858]I[0: swapper/0: 0] mutex_lock+0x40/0xec\n[ 31.907866]I[0: swapper/0: 0] device_shutdown+0x108/0x280\n[ 31.907875]I[0: swapper/0: 0] kernel_restart+0x4c/0x11c\n[ 31.907883]I[0: swapper/0: 0] __arm64_sys_reboot+0x15c/0x280\n[ 31.907890]I[0: swapper/0: 0] invoke_syscall+0x70/0x158\n[ 31.907899]I[0: swapper/0: 0] el0_svc_common+0xb4/0xf4\n[ 31.907909]I[0: swapper/0: 0] do_el0_svc+0x2c/0xb0\n[ 31.907918]I[0: swapper/0: 0] el0_svc+0x34/0xe0\n[ 31.907928]I[0: swapper/0: 0] el0t_64_sync_handler+0x68/0xb4\n[ 31.907937]I[0: swapper/0: 0] el0t_64_sync+0x1a0/0x1a4\n\n[ 31.908774]I[0: swapper/0: 0] 49 0 11960702 11236868007 0 D( 2) 6 ffffff882e28cb00 * kworker/6:0 [__bio_queue_enter]\n[ 31.908783]I[0: swapper/0: 0] Call trace:\n[ 31.908788]I[0: swapper/0: 0] __switch_to+0x174/0x338\n[ 31.908796]I[0: swapper/0: 0] __schedule+0x5ec/0x9cc\n[ 31.908803]I[0: swapper/0: 0] schedule+0x7c/0xe8\n[ 31.908811]I[0: swapper/0: 0] __bio_queue_enter+0xb8/0x178\n[ 31.908818]I[0: swapper/0: 0] blk_mq_submit_bio+0x194/0x67c\n[ 31.908827]I[0: swapper/0: 0] __submit_bio+0xb8/0x19c", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50098", url: "https://www.suse.com/security/cve/CVE-2024-50098", }, { category: "external", summary: "SUSE Bug 1232881 for CVE-2024-50098", url: "https://bugzilla.suse.com/1232881", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50098", }, { cve: "CVE-2024-50099", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50099", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Remove broken LDR (literal) uprobe support\n\nThe simulate_ldr_literal() and simulate_ldrsw_literal() functions are\nunsafe to use for uprobes. Both functions were originally written for\nuse with kprobes, and access memory with plain C accesses. When uprobes\nwas added, these were reused unmodified even though they cannot safely\naccess user memory.\n\nThere are three key problems:\n\n1) The plain C accesses do not have corresponding extable entries, and\n thus if they encounter a fault the kernel will treat these as\n unintentional accesses to user memory, resulting in a BUG() which\n will kill the kernel thread, and likely lead to further issues (e.g.\n lockup or panic()).\n\n2) The plain C accesses are subject to HW PAN and SW PAN, and so when\n either is in use, any attempt to simulate an access to user memory\n will fault. Thus neither simulate_ldr_literal() nor\n simulate_ldrsw_literal() can do anything useful when simulating a\n user instruction on any system with HW PAN or SW PAN.\n\n3) The plain C accesses are privileged, as they run in kernel context,\n and in practice can access a small range of kernel virtual addresses.\n The instructions they simulate have a range of +/-1MiB, and since the\n simulated instructions must itself be a user instructions in the\n TTBR0 address range, these can address the final 1MiB of the TTBR1\n acddress range by wrapping downwards from an address in the first\n 1MiB of the TTBR0 address range.\n\n In contemporary kernels the last 8MiB of TTBR1 address range is\n reserved, and accesses to this will always fault, meaning this is no\n worse than (1).\n\n Historically, it was theoretically possible for the linear map or\n vmemmap to spill into the final 8MiB of the TTBR1 address range, but\n in practice this is extremely unlikely to occur as this would\n require either:\n\n * Having enough physical memory to fill the entire linear map all the\n way to the final 1MiB of the TTBR1 address range.\n\n * Getting unlucky with KASLR randomization of the linear map such\n that the populated region happens to overlap with the last 1MiB of\n the TTBR address range.\n\n ... and in either case if we were to spill into the final page there\n would be larger problems as the final page would alias with error\n pointers.\n\nPractically speaking, (1) and (2) are the big issues. Given there have\nbeen no reports of problems since the broken code was introduced, it\nappears that no-one is relying on probing these instructions with\nuprobes.\n\nAvoid these issues by not allowing uprobes on LDR (literal) and LDRSW\n(literal), limiting the use of simulate_ldr_literal() and\nsimulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR\n(literal) and LDRSW (literal) will be rejected as\narm_probe_decode_insn() will return INSN_REJECTED. In future we can\nconsider introducing working uprobes support for these instructions, but\nthis will require more significant work.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50099", url: "https://www.suse.com/security/cve/CVE-2024-50099", }, { category: "external", summary: "SUSE Bug 1232887 for CVE-2024-50099", url: "https://bugzilla.suse.com/1232887", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50099", }, { cve: "CVE-2024-50100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50100", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: dummy-hcd: Fix \"task hung\" problem\n\nThe syzbot fuzzer has been encountering \"task hung\" problems ever\nsince the dummy-hcd driver was changed to use hrtimers instead of\nregular timers. It turns out that the problems are caused by a subtle\ndifference between the timer_pending() and hrtimer_active() APIs.\n\nThe changeover blindly replaced the first by the second. However,\ntimer_pending() returns True when the timer is queued but not when its\ncallback is running, whereas hrtimer_active() returns True when the\nhrtimer is queued _or_ its callback is running. This difference\noccasionally caused dummy_urb_enqueue() to think that the callback\nroutine had not yet started when in fact it was almost finished. As a\nresult the hrtimer was not restarted, which made it impossible for the\ndriver to dequeue later the URB that was just enqueued. This caused\nusb_kill_urb() to hang, and things got worse from there.\n\nSince hrtimers have no API for telling when they are queued and the\ncallback isn't running, the driver must keep track of this for itself.\nThat's what this patch does, adding a new \"timer_pending\" flag and\nsetting or clearing it at the appropriate times.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50100", url: "https://www.suse.com/security/cve/CVE-2024-50100", }, { category: "external", summary: "SUSE Bug 1232876 for CVE-2024-50100", url: "https://bugzilla.suse.com/1232876", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50100", }, { cve: "CVE-2024-50101", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50101", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices\n\nPreviously, the domain_context_clear() function incorrectly called\npci_for_each_dma_alias() to set up context entries for non-PCI devices.\nThis could lead to kernel hangs or other unexpected behavior.\n\nAdd a check to only call pci_for_each_dma_alias() for PCI devices. For\nnon-PCI devices, domain_context_clear_one() is called directly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50101", url: "https://www.suse.com/security/cve/CVE-2024-50101", }, { category: "external", summary: "SUSE Bug 1232869 for CVE-2024-50101", url: "https://bugzilla.suse.com/1232869", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50101", }, { cve: "CVE-2024-50102", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50102", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86: fix user address masking non-canonical speculation issue\n\nIt turns out that AMD has a \"Meltdown Lite(tm)\" issue with non-canonical\naccesses in kernel space. And so using just the high bit to decide\nwhether an access is in user space or kernel space ends up with the good\nold \"leak speculative data\" if you have the right gadget using the\nresult:\n\n CVE-2020-12965 \"Transient Execution of Non-Canonical Accesses\"\n\nNow, the kernel surrounds the access with a STAC/CLAC pair, and those\ninstructions end up serializing execution on older Zen architectures,\nwhich closes the speculation window.\n\nBut that was true only up until Zen 5, which renames the AC bit [1].\nThat improves performance of STAC/CLAC a lot, but also means that the\nspeculation window is now open.\n\nNote that this affects not just the new address masking, but also the\nregular valid_user_address() check used by access_ok(), and the asm\nversion of the sign bit check in the get_user() helpers.\n\nIt does not affect put_user() or clear_user() variants, since there's no\nspeculative result to be used in a gadget for those operations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50102", url: "https://www.suse.com/security/cve/CVE-2024-50102", }, { category: "external", summary: "SUSE Bug 1232880 for CVE-2024-50102", url: "https://bugzilla.suse.com/1232880", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50102", }, { cve: "CVE-2024-50103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50103", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe()\n\nA devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could\npossibly return NULL pointer. NULL Pointer Dereference may be\ntriggerred without addtional check.\nAdd a NULL check for the returned pointer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50103", url: "https://www.suse.com/security/cve/CVE-2024-50103", }, { category: "external", summary: "SUSE Bug 1232878 for CVE-2024-50103", url: "https://bugzilla.suse.com/1232878", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50103", }, { cve: "CVE-2024-50104", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50104", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: sdm845: add missing soundwire runtime stream alloc\n\nDuring the migration of Soundwire runtime stream allocation from\nthe Qualcomm Soundwire controller to SoC's soundcard drivers the sdm845\nsoundcard was forgotten.\n\nAt this point any playback attempt or audio daemon startup, for instance\non sdm845-db845c (Qualcomm RB3 board), will result in stream pointer\nNULL dereference:\n\n Unable to handle kernel NULL pointer dereference at virtual\n address 0000000000000020\n Mem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=0000000101ecf000\n [0000000000000020] pgd=0000000000000000, p4d=0000000000000000\n Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n Modules linked in: ...\n CPU: 5 UID: 0 PID: 1198 Comm: aplay\n Not tainted 6.12.0-rc2-qcomlt-arm64-00059-g9d78f315a362-dirty #18\n Hardware name: Thundercomm Dragonboard 845c (DT)\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : sdw_stream_add_slave+0x44/0x380 [soundwire_bus]\n lr : sdw_stream_add_slave+0x44/0x380 [soundwire_bus]\n sp : ffff80008a2035c0\n x29: ffff80008a2035c0 x28: ffff80008a203978 x27: 0000000000000000\n x26: 00000000000000c0 x25: 0000000000000000 x24: ffff1676025f4800\n x23: ffff167600ff1cb8 x22: ffff167600ff1c98 x21: 0000000000000003\n x20: ffff167607316000 x19: ffff167604e64e80 x18: 0000000000000000\n x17: 0000000000000000 x16: ffffcec265074160 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffff167600ff1cec\n x5 : ffffcec22cfa2010 x4 : 0000000000000000 x3 : 0000000000000003\n x2 : ffff167613f836c0 x1 : 0000000000000000 x0 : ffff16761feb60b8\n Call trace:\n sdw_stream_add_slave+0x44/0x380 [soundwire_bus]\n wsa881x_hw_params+0x68/0x80 [snd_soc_wsa881x]\n snd_soc_dai_hw_params+0x3c/0xa4\n __soc_pcm_hw_params+0x230/0x660\n dpcm_be_dai_hw_params+0x1d0/0x3f8\n dpcm_fe_dai_hw_params+0x98/0x268\n snd_pcm_hw_params+0x124/0x460\n snd_pcm_common_ioctl+0x998/0x16e8\n snd_pcm_ioctl+0x34/0x58\n __arm64_sys_ioctl+0xac/0xf8\n invoke_syscall+0x48/0x104\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xe0\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\n Code: aa0403fb f9418400 9100e000 9400102f (f8420f22)\n ---[ end trace 0000000000000000 ]---\n\n0000000000006108 <sdw_stream_add_slave>:\n 6108: d503233f paciasp\n 610c: a9b97bfd stp x29, x30, [sp, #-112]!\n 6110: 910003fd mov x29, sp\n 6114: a90153f3 stp x19, x20, [sp, #16]\n 6118: a9025bf5 stp x21, x22, [sp, #32]\n 611c: aa0103f6 mov x22, x1\n 6120: 2a0303f5 mov w21, w3\n 6124: a90363f7 stp x23, x24, [sp, #48]\n 6128: aa0003f8 mov x24, x0\n 612c: aa0203f7 mov x23, x2\n 6130: a9046bf9 stp x25, x26, [sp, #64]\n 6134: aa0403f9 mov x25, x4 <-- x4 copied to x25\n 6138: a90573fb stp x27, x28, [sp, #80]\n 613c: aa0403fb mov x27, x4\n 6140: f9418400 ldr x0, [x0, #776]\n 6144: 9100e000 add x0, x0, #0x38\n 6148: 94000000 bl 0 <mutex_lock>\n 614c: f8420f22 ldr x2, [x25, #32]! <-- offset 0x44\n ^^^\nThis is 0x6108 + offset 0x44 from the beginning of sdw_stream_add_slave()\nwhere data abort happens.\nwsa881x_hw_params() is called with stream = NULL and passes it further\nin register x4 (5th argu\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50104", url: "https://www.suse.com/security/cve/CVE-2024-50104", }, { category: "external", summary: "SUSE Bug 1232868 for CVE-2024-50104", url: "https://bugzilla.suse.com/1232868", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50104", }, { cve: "CVE-2024-50105", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50105", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc\n\nCommit 15c7fab0e047 (\"ASoC: qcom: Move Soundwire runtime stream alloc to\nsoundcards\") moved the allocation of Soundwire stream runtime from the\nQualcomm Soundwire driver to each individual machine sound card driver,\nexcept that it forgot to update SC7280 card.\n\nJust like for other Qualcomm sound cards using Soundwire, the card\ndriver should allocate and release the runtime. Otherwise sound\nplayback will result in a NULL pointer dereference or other effect of\nuninitialized memory accesses (which was confirmed on SDM845 having\nsimilar issue).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50105", url: "https://www.suse.com/security/cve/CVE-2024-50105", }, { category: "external", summary: "SUSE Bug 1232879 for CVE-2024-50105", url: "https://bugzilla.suse.com/1232879", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50105", }, { cve: "CVE-2024-50106", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50106", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn't empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that's based on adding 2 new additional\nstid's sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn't finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50106", url: "https://www.suse.com/security/cve/CVE-2024-50106", }, { category: "external", summary: "SUSE Bug 1232882 for CVE-2024-50106", url: "https://bugzilla.suse.com/1232882", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50106", }, { cve: "CVE-2024-50107", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50107", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses\n\nCommit 50c6dbdfd16e (\"x86/ioremap: Improve iounmap() address range checks\")\nintroduces a WARN when adrress ranges of iounmap are invalid. On Thinkpad\nP1 Gen 7 (Meteor Lake-P) this caused the following warning to appear:\n\nWARNING: CPU: 7 PID: 713 at arch/x86/mm/ioremap.c:461 iounmap+0x58/0x1f0\nModules linked in: rfkill(+) snd_timer(+) fjes(+) snd soundcore intel_pmc_core(+)\nint3403_thermal(+) int340x_thermal_zone intel_vsec pmt_telemetry acpi_pad pmt_class\nacpi_tad int3400_thermal acpi_thermal_rel joydev loop nfnetlink zram xe drm_suballoc_helper\nnouveau i915 mxm_wmi drm_ttm_helper gpu_sched drm_gpuvm drm_exec drm_buddy i2c_algo_bit\ncrct10dif_pclmul crc32_pclmul ttm crc32c_intel polyval_clmulni rtsx_pci_sdmmc ucsi_acpi\npolyval_generic mmc_core hid_multitouch drm_display_helper ghash_clmulni_intel typec_ucsi\nnvme sha512_ssse3 video sha256_ssse3 nvme_core intel_vpu sha1_ssse3 rtsx_pci cec typec\nnvme_auth i2c_hid_acpi i2c_hid wmi pinctrl_meteorlake serio_raw ip6_tables ip_tables fuse\nCPU: 7 UID: 0 PID: 713 Comm: (udev-worker) Not tainted 6.12.0-rc2iounmap+ #42\nHardware name: LENOVO 21KWCTO1WW/21KWCTO1WW, BIOS N48ET19W (1.06 ) 07/18/2024\nRIP: 0010:iounmap+0x58/0x1f0\nCode: 85 6a 01 00 00 48 8b 05 e6 e2 28 04 48 39 c5 72 19 eb 26 cc cc cc 48 ba 00 00 00 00 00 00 32 00 48 8d 44 02 ff 48 39 c5 72 23 <0f> 0b 48 83 c4 08 5b 5d 41 5c c3 cc cc cc cc 48 ba 00 00 00 00 00\nRSP: 0018:ffff888131eff038 EFLAGS: 00010207\nRAX: ffffc90000000000 RBX: 0000000000000000 RCX: ffff888e33b80000\nRDX: dffffc0000000000 RSI: ffff888e33bc29c0 RDI: 0000000000000000\nRBP: 0000000000000000 R08: ffff8881598a8000 R09: ffff888e2ccedc10\nR10: 0000000000000003 R11: ffffffffb3367634 R12: 00000000fe000000\nR13: ffff888101d0da28 R14: ffffffffc2e437e0 R15: ffff888110b03b28\nFS: 00007f3c1d4b3980(0000) GS:ffff888e33b80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005651cfc93578 CR3: 0000000124e4c002 CR4: 0000000000f70ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n<TASK>\n? __warn.cold+0xb6/0x176\n? iounmap+0x58/0x1f0\n? report_bug+0x1f4/0x2b0\n? handle_bug+0x58/0x90\n? exc_invalid_op+0x17/0x40\n? asm_exc_invalid_op+0x1a/0x20\n? iounmap+0x58/0x1f0\npmc_core_ssram_get_pmc+0x477/0x6c0 [intel_pmc_core]\n? __pfx_pmc_core_ssram_get_pmc+0x10/0x10 [intel_pmc_core]\n? __pfx_do_pci_enable_device+0x10/0x10\n? pci_wait_for_pending+0x60/0x110\n? pci_enable_device_flags+0x1e3/0x2e0\n? __pfx_mtl_core_init+0x10/0x10 [intel_pmc_core]\npmc_core_ssram_init+0x7f/0x110 [intel_pmc_core]\nmtl_core_init+0xda/0x130 [intel_pmc_core]\n? __mutex_init+0xb9/0x130\npmc_core_probe+0x27e/0x10b0 [intel_pmc_core]\n? _raw_spin_lock_irqsave+0x96/0xf0\n? __pfx_pmc_core_probe+0x10/0x10 [intel_pmc_core]\n? __pfx_mutex_unlock+0x10/0x10\n? __pfx_mutex_lock+0x10/0x10\n? device_pm_check_callbacks+0x82/0x370\n? acpi_dev_pm_attach+0x234/0x2b0\nplatform_probe+0x9f/0x150\nreally_probe+0x1e0/0x8a0\n__driver_probe_device+0x18c/0x370\n? __pfx___driver_attach+0x10/0x10\ndriver_probe_device+0x4a/0x120\n__driver_attach+0x190/0x4a0\n? __pfx___driver_attach+0x10/0x10\nbus_for_each_dev+0x103/0x180\n? __pfx_bus_for_each_dev+0x10/0x10\n? klist_add_tail+0x136/0x270\nbus_add_driver+0x2fc/0x540\ndriver_register+0x1a5/0x360\n? __pfx_pmc_core_driver_init+0x10/0x10 [intel_pmc_core]\ndo_one_initcall+0xa4/0x380\n? __pfx_do_one_initcall+0x10/0x10\n? kasan_unpoison+0x44/0x70\ndo_init_module+0x296/0x800\nload_module+0x5090/0x6ce0\n? __pfx_load_module+0x10/0x10\n? ima_post_read_file+0x193/0x200\n? __pfx_ima_post_read_file+0x10/0x10\n? rw_verify_area+0x152/0x4c0\n? kernel_read_file+0x257/0x750\n? __pfx_kernel_read_file+0x10/0x10\n? __pfx_filemap_get_read_batch+0x10/0x10\n? init_module_from_file+0xd1/0x130\ninit_module_from_file+0xd1/0x130\n? __pfx_init_module_from_file+0x10/0\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50107", url: "https://www.suse.com/security/cve/CVE-2024-50107", }, { category: "external", summary: "SUSE Bug 1232883 for CVE-2024-50107", url: "https://bugzilla.suse.com/1232883", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50107", }, { cve: "CVE-2024-50108", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50108", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Disable PSR-SU on Parade 08-01 TCON too\n\nStuart Hayhurst has found that both at bootup and fullscreen VA-API video\nis leading to black screens for around 1 second and kernel WARNING [1] traces\nwhen calling dmub_psr_enable() with Parade 08-01 TCON.\n\nThese symptoms all go away with PSR-SU disabled for this TCON, so disable\nit for now while DMUB traces [2] from the failure can be analyzed and the failure\nstate properly root caused.\n\n(cherry picked from commit afb634a6823d8d9db23c5fb04f79c5549349628b)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50108", url: "https://www.suse.com/security/cve/CVE-2024-50108", }, { category: "external", summary: "SUSE Bug 1232884 for CVE-2024-50108", url: "https://bugzilla.suse.com/1232884", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50108", }, { cve: "CVE-2024-50109", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50109", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: fix null ptr dereference in raid10_size()\n\nIn raid10_run() if raid10_set_queue_limits() succeed, the return value\nis set to zero, and if following procedures failed raid10_run() will\nreturn zero while mddev->private is still NULL, causing null ptr\ndereference in raid10_size().\n\nFix the problem by only overwrite the return value if\nraid10_set_queue_limits() failed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50109", url: "https://www.suse.com/security/cve/CVE-2024-50109", }, { category: "external", summary: "SUSE Bug 1232886 for CVE-2024-50109", url: "https://bugzilla.suse.com/1232886", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50109", }, { cve: "CVE-2024-50110", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50110", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: fix one more kernel-infoleak in algo dumping\n\nDuring fuzz testing, the following issue was discovered:\n\nBUG: KMSAN: kernel-infoleak in _copy_to_iter+0x598/0x2a30\n _copy_to_iter+0x598/0x2a30\n __skb_datagram_iter+0x168/0x1060\n skb_copy_datagram_iter+0x5b/0x220\n netlink_recvmsg+0x362/0x1700\n sock_recvmsg+0x2dc/0x390\n __sys_recvfrom+0x381/0x6d0\n __x64_sys_recvfrom+0x130/0x200\n x64_sys_call+0x32c8/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nUninit was stored to memory at:\n copy_to_user_state_extra+0xcc1/0x1e00\n dump_one_state+0x28c/0x5f0\n xfrm_state_walk+0x548/0x11e0\n xfrm_dump_sa+0x1e0/0x840\n netlink_dump+0x943/0x1c40\n __netlink_dump_start+0x746/0xdb0\n xfrm_user_rcv_msg+0x429/0xc00\n netlink_rcv_skb+0x613/0x780\n xfrm_netlink_rcv+0x77/0xc0\n netlink_unicast+0xe90/0x1280\n netlink_sendmsg+0x126d/0x1490\n __sock_sendmsg+0x332/0x3d0\n ____sys_sendmsg+0x863/0xc30\n ___sys_sendmsg+0x285/0x3e0\n __x64_sys_sendmsg+0x2d6/0x560\n x64_sys_call+0x1316/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nUninit was created at:\n __kmalloc+0x571/0xd30\n attach_auth+0x106/0x3e0\n xfrm_add_sa+0x2aa0/0x4230\n xfrm_user_rcv_msg+0x832/0xc00\n netlink_rcv_skb+0x613/0x780\n xfrm_netlink_rcv+0x77/0xc0\n netlink_unicast+0xe90/0x1280\n netlink_sendmsg+0x126d/0x1490\n __sock_sendmsg+0x332/0x3d0\n ____sys_sendmsg+0x863/0xc30\n ___sys_sendmsg+0x285/0x3e0\n __x64_sys_sendmsg+0x2d6/0x560\n x64_sys_call+0x1316/0x3cc0\n do_syscall_64+0xd8/0x1c0\n entry_SYSCALL_64_after_hwframe+0x79/0x81\n\nBytes 328-379 of 732 are uninitialized\nMemory access of size 732 starts at ffff88800e18e000\nData copied to user address 00007ff30f48aff0\n\nCPU: 2 PID: 18167 Comm: syz-executor.0 Not tainted 6.8.11 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n\nFixes copying of xfrm algorithms where some random\ndata of the structure fields can end up in userspace.\nPadding in structures may be filled with random (possibly sensitve)\ndata and should never be given directly to user-space.\n\nA similar issue was resolved in the commit\n8222d5910dae (\"xfrm: Zero padding when dumping algos and encap\")\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50110", url: "https://www.suse.com/security/cve/CVE-2024-50110", }, { category: "external", summary: "SUSE Bug 1232885 for CVE-2024-50110", url: "https://bugzilla.suse.com/1232885", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50110", }, { cve: "CVE-2024-50111", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50111", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Enable IRQ if do_ale() triggered in irq-enabled context\n\nUnaligned access exception can be triggered in irq-enabled context such\nas user mode, in this case do_ale() may call get_user() which may cause\nsleep. Then we will get:\n\n BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7\n in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe\n preempt_count: 0, expected: 0\n RCU nest depth: 0, expected: 0\n CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G W 6.12.0-rc1+ #1723\n Tainted: [W]=WARN\n Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000\n 9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000\n 9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890\n ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500\n 000000000000020c 000000000000000a 0000000000000000 0000000000000003\n 00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260\n 0000000000000000 0000000000000000 9000000005437650 90000000055d5000\n 0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000\n 0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec\n 00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d\n ...\n Call Trace:\n [<9000000003803964>] show_stack+0x64/0x1a0\n [<9000000004c57464>] dump_stack_lvl+0x74/0xb0\n [<9000000003861ab4>] __might_resched+0x154/0x1a0\n [<900000000380c96c>] emulate_load_store_insn+0x6c/0xf60\n [<9000000004c58118>] do_ale+0x78/0x180\n [<9000000003801bc8>] handle_ale+0x128/0x1e0\n\nSo enable IRQ if unaligned access exception is triggered in irq-enabled\ncontext to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50111", url: "https://www.suse.com/security/cve/CVE-2024-50111", }, { category: "external", summary: "SUSE Bug 1232866 for CVE-2024-50111", url: "https://bugzilla.suse.com/1232866", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50111", }, { cve: "CVE-2024-50112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50112", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/lam: Disable ADDRESS_MASKING in most cases\n\nLinear Address Masking (LAM) has a weakness related to transient\nexecution as described in the SLAM paper[1]. Unless Linear Address\nSpace Separation (LASS) is enabled this weakness may be exploitable.\n\nUntil kernel adds support for LASS[2], only allow LAM for COMPILE_TEST,\nor when speculation mitigations have been disabled at compile time,\notherwise keep LAM disabled.\n\nThere are no processors in market that support LAM yet, so currently\nnobody is affected by this issue.\n\n[1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf\n[2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/\n\n[ dhansen: update SPECULATION_MITIGATIONS -> CPU_MITIGATIONS ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50112", url: "https://www.suse.com/security/cve/CVE-2024-50112", }, { category: "external", summary: "SUSE Bug 1232867 for CVE-2024-50112", url: "https://bugzilla.suse.com/1232867", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50112", }, { cve: "CVE-2024-50113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50113", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: core: fix invalid port index for parent device\n\nIn a commit 24b7f8e5cd65 (\"firewire: core: use helper functions for self\nID sequence\"), the enumeration over self ID sequence was refactored with\nsome helper functions with KUnit tests. These helper functions are\nguaranteed to work expectedly by the KUnit tests, however their application\nincludes a mistake to assign invalid value to the index of port connected\nto parent device.\n\nThis bug affects the case that any extra node devices which has three or\nmore ports are connected to 1394 OHCI controller. In the case, the path\nto update the tree cache could hits WARN_ON(), and gets general protection\nfault due to the access to invalid address computed by the invalid value.\n\nThis commit fixes the bug to assign correct port index.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50113", url: "https://www.suse.com/security/cve/CVE-2024-50113", }, { category: "external", summary: "SUSE Bug 1232891 for CVE-2024-50113", url: "https://bugzilla.suse.com/1232891", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50113", }, { cve: "CVE-2024-50114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50114", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unregister redistributor for failed vCPU creation\n\nAlex reports that syzkaller has managed to trigger a use-after-free when\ntearing down a VM:\n\n BUG: KASAN: slab-use-after-free in kvm_put_kvm+0x300/0xe68 virt/kvm/kvm_main.c:5769\n Read of size 8 at addr ffffff801c6890d0 by task syz.3.2219/10758\n\n CPU: 3 UID: 0 PID: 10758 Comm: syz.3.2219 Not tainted 6.11.0-rc6-dirty #64\n Hardware name: linux,dummy-virt (DT)\n Call trace:\n dump_backtrace+0x17c/0x1a8 arch/arm64/kernel/stacktrace.c:317\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:324\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x94/0xc0 lib/dump_stack.c:119\n print_report+0x144/0x7a4 mm/kasan/report.c:377\n kasan_report+0xcc/0x128 mm/kasan/report.c:601\n __asan_report_load8_noabort+0x20/0x2c mm/kasan/report_generic.c:381\n kvm_put_kvm+0x300/0xe68 virt/kvm/kvm_main.c:5769\n kvm_vm_release+0x4c/0x60 virt/kvm/kvm_main.c:1409\n __fput+0x198/0x71c fs/file_table.c:422\n ____fput+0x20/0x30 fs/file_table.c:450\n task_work_run+0x1cc/0x23c kernel/task_work.c:228\n do_notify_resume+0x144/0x1a0 include/linux/resume_user_mode.h:50\n el0_svc+0x64/0x68 arch/arm64/kernel/entry-common.c:169\n el0t_64_sync_handler+0x90/0xfc arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\n\nUpon closer inspection, it appears that we do not properly tear down the\nMMIO registration for a vCPU that fails creation late in the game, e.g.\na vCPU w/ the same ID already exists in the VM.\n\nIt is important to consider the context of commit that introduced this bug\nby moving the unregistration out of __kvm_vgic_vcpu_destroy(). That\nchange correctly sought to avoid an srcu v. config_lock inversion by\nbreaking up the vCPU teardown into two parts, one guarded by the\nconfig_lock.\n\nFix the use-after-free while avoiding lock inversion by adding a\nspecial-cased unregistration to __kvm_vgic_vcpu_destroy(). This is safe\nbecause failed vCPUs are torn down outside of the config_lock.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50114", url: "https://www.suse.com/security/cve/CVE-2024-50114", }, { category: "external", summary: "SUSE Bug 1232912 for CVE-2024-50114", url: "https://bugzilla.suse.com/1232912", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50114", }, { cve: "CVE-2024-50115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50115", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn't using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM's much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it's only the nSVM flow\nthat is broken.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50115", url: "https://www.suse.com/security/cve/CVE-2024-50115", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-50115", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232919 for CVE-2024-50115", url: "https://bugzilla.suse.com/1232919", }, { category: "external", summary: "SUSE Bug 1233019 for CVE-2024-50115", url: "https://bugzilla.suse.com/1233019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50115", }, { cve: "CVE-2024-50116", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50116", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix kernel bug due to missing clearing of buffer delay flag\n\nSyzbot reported that after nilfs2 reads a corrupted file system image\nand degrades to read-only, the BUG_ON check for the buffer delay flag\nin submit_bh_wbc() may fail, causing a kernel bug.\n\nThis is because the buffer delay flag is not cleared when clearing the\nbuffer state flags to discard a page/folio or a buffer head. So, fix\nthis.\n\nThis became necessary when the use of nilfs2's own page clear routine\nwas expanded. This state inconsistency does not occur if the buffer\nis written normally by log writing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50116", url: "https://www.suse.com/security/cve/CVE-2024-50116", }, { category: "external", summary: "SUSE Bug 1232892 for CVE-2024-50116", url: "https://bugzilla.suse.com/1232892", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50116", }, { cve: "CVE-2024-50117", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50117", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Guard against bad data for ATIF ACPI method\n\nIf a BIOS provides bad data in response to an ATIF method call\nthis causes a NULL pointer dereference in the caller.\n\n```\n? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1))\n? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434)\n? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2))\n? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1))\n? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642)\n? exc_page_fault (arch/x86/mm/fault.c:1542)\n? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu\n```\n\nIt has been encountered on at least one system, so guard for it.\n\n(cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50117", url: "https://www.suse.com/security/cve/CVE-2024-50117", }, { category: "external", summary: "SUSE Bug 1232897 for CVE-2024-50117", url: "https://bugzilla.suse.com/1232897", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50117", }, { cve: "CVE-2024-50118", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50118", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reject ro->rw reconfiguration if there are hard ro requirements\n\n[BUG]\nSyzbot reports the following crash:\n\n BTRFS info (device loop0 state MCS): disabling free space tree\n BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)\n BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:backup_super_roots fs/btrfs/disk-io.c:1691 [inline]\n RIP: 0010:write_all_supers+0x97a/0x40f0 fs/btrfs/disk-io.c:4041\n Call Trace:\n <TASK>\n btrfs_commit_transaction+0x1eae/0x3740 fs/btrfs/transaction.c:2530\n btrfs_delete_free_space_tree+0x383/0x730 fs/btrfs/free-space-tree.c:1312\n btrfs_start_pre_rw_mount+0xf28/0x1300 fs/btrfs/disk-io.c:3012\n btrfs_remount_rw fs/btrfs/super.c:1309 [inline]\n btrfs_reconfigure+0xae6/0x2d40 fs/btrfs/super.c:1534\n btrfs_reconfigure_for_mount fs/btrfs/super.c:2020 [inline]\n btrfs_get_tree_subvol fs/btrfs/super.c:2079 [inline]\n btrfs_get_tree+0x918/0x1920 fs/btrfs/super.c:2115\n vfs_get_tree+0x90/0x2b0 fs/super.c:1800\n do_new_mount+0x2be/0xb40 fs/namespace.c:3472\n do_mount fs/namespace.c:3812 [inline]\n __do_sys_mount fs/namespace.c:4020 [inline]\n __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3997\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[CAUSE]\nTo support mounting different subvolume with different RO/RW flags for\nthe new mount APIs, btrfs introduced two workaround to support this feature:\n\n- Skip mount option/feature checks if we are mounting a different\n subvolume\n\n- Reconfigure the fs to RW if the initial mount is RO\n\nCombining these two, we can have the following sequence:\n\n- Mount the fs ro,rescue=all,clear_cache,space_cache=v1\n rescue=all will mark the fs as hard read-only, so no v2 cache clearing\n will happen.\n\n- Mount a subvolume rw of the same fs.\n We go into btrfs_get_tree_subvol(), but fc_mount() returns EBUSY\n because our new fc is RW, different from the original fs.\n\n Now we enter btrfs_reconfigure_for_mount(), which switches the RO flag\n first so that we can grab the existing fs_info.\n Then we reconfigure the fs to RW.\n\n- During reconfiguration, option/features check is skipped\n This means we will restart the v2 cache clearing, and convert back to\n v1 cache.\n This will trigger fs writes, and since the original fs has \"rescue=all\"\n option, it skips the csum tree read.\n\n And eventually causing NULL pointer dereference in super block\n writeback.\n\n[FIX]\nFor reconfiguration caused by different subvolume RO/RW flags, ensure we\nalways run btrfs_check_options() to ensure we have proper hard RO\nrequirements met.\n\nIn fact the function btrfs_check_options() doesn't really do many\ncomplex checks, but hard RO requirement and some feature dependency\nchecks, thus there is no special reason not to do the check for mount\nreconfiguration.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50118", url: "https://www.suse.com/security/cve/CVE-2024-50118", }, { category: "external", summary: "SUSE Bug 1232859 for CVE-2024-50118", url: "https://bugzilla.suse.com/1232859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50118", }, { cve: "CVE-2024-50119", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50119", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix warning when destroy 'cifs_io_request_pool'\n\nThere's a issue as follows:\nWARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 free_large_kmalloc+0xac/0xe0\nRIP: 0010:free_large_kmalloc+0xac/0xe0\nCall Trace:\n <TASK>\n ? __warn+0xea/0x330\n mempool_destroy+0x13f/0x1d0\n init_cifs+0xa50/0xff0 [cifs]\n do_one_initcall+0xdc/0x550\n do_init_module+0x22d/0x6b0\n load_module+0x4e96/0x5ff0\n init_module_from_file+0xcd/0x130\n idempotent_init_module+0x330/0x620\n __x64_sys_finit_module+0xb3/0x110\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nObviously, 'cifs_io_request_pool' is not created by mempool_create().\nSo just use mempool_exit() to revert 'cifs_io_request_pool'.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50119", url: "https://www.suse.com/security/cve/CVE-2024-50119", }, { category: "external", summary: "SUSE Bug 1232858 for CVE-2024-50119", url: "https://bugzilla.suse.com/1232858", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50119", }, { cve: "CVE-2024-50120", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50120", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Handle kstrdup failures for passwords\n\nIn smb3_reconfigure(), after duplicating ctx->password and\nctx->password2 with kstrdup(), we need to check for allocation\nfailures.\n\nIf ses->password allocation fails, return -ENOMEM.\nIf ses->password2 allocation fails, free ses->password, set it\nto NULL, and return -ENOMEM.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50120", url: "https://www.suse.com/security/cve/CVE-2024-50120", }, { category: "external", summary: "SUSE Bug 1232924 for CVE-2024-50120", url: "https://bugzilla.suse.com/1232924", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50120", }, { cve: "CVE-2024-50121", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50121", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net\n\nIn the normal case, when we excute `echo 0 > /proc/fs/nfsd/threads`, the\nfunction `nfs4_state_destroy_net` in `nfs4_state_shutdown_net` will\nrelease all resources related to the hashed `nfs4_client`. If the\n`nfsd_client_shrinker` is running concurrently, the `expire_client`\nfunction will first unhash this client and then destroy it. This can\nlead to the following warning. Additionally, numerous use-after-free\nerrors may occur as well.\n\nnfsd_client_shrinker echo 0 > /proc/fs/nfsd/threads\n\nexpire_client nfsd_shutdown_net\n unhash_client ...\n nfs4_state_shutdown_net\n /* won't wait shrinker exit */\n /* cancel_work(&nn->nfsd_shrinker_work)\n * nfsd_file for this /* won't destroy unhashed client1 */\n * client1 still alive nfs4_state_destroy_net\n */\n\n nfsd_file_cache_shutdown\n /* trigger warning */\n kmem_cache_destroy(nfsd_file_slab)\n kmem_cache_destroy(nfsd_file_mark_slab)\n /* release nfsd_file and mark */\n __destroy_client\n\n====================================================================\nBUG nfsd_file (Not tainted): Objects remaining in nfsd_file on\n__kmem_cache_shutdown()\n--------------------------------------------------------------------\nCPU: 4 UID: 0 PID: 764 Comm: sh Not tainted 6.12.0-rc3+ #1\n\n dump_stack_lvl+0x53/0x70\n slab_err+0xb0/0xf0\n __kmem_cache_shutdown+0x15c/0x310\n kmem_cache_destroy+0x66/0x160\n nfsd_file_cache_shutdown+0xac/0x210 [nfsd]\n nfsd_destroy_serv+0x251/0x2a0 [nfsd]\n nfsd_svc+0x125/0x1e0 [nfsd]\n write_threads+0x16a/0x2a0 [nfsd]\n nfsctl_transaction_write+0x74/0xa0 [nfsd]\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n====================================================================\nBUG nfsd_file_mark (Tainted: G B W ): Objects remaining\nnfsd_file_mark on __kmem_cache_shutdown()\n--------------------------------------------------------------------\n\n dump_stack_lvl+0x53/0x70\n slab_err+0xb0/0xf0\n __kmem_cache_shutdown+0x15c/0x310\n kmem_cache_destroy+0x66/0x160\n nfsd_file_cache_shutdown+0xc8/0x210 [nfsd]\n nfsd_destroy_serv+0x251/0x2a0 [nfsd]\n nfsd_svc+0x125/0x1e0 [nfsd]\n write_threads+0x16a/0x2a0 [nfsd]\n nfsctl_transaction_write+0x74/0xa0 [nfsd]\n vfs_write+0x1a5/0x6d0\n ksys_write+0xc1/0x160\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nTo resolve this issue, cancel `nfsd_shrinker_work` using synchronous\nmode in nfs4_state_shutdown_net.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50121", url: "https://www.suse.com/security/cve/CVE-2024-50121", }, { category: "external", summary: "SUSE Bug 1232925 for CVE-2024-50121", url: "https://bugzilla.suse.com/1232925", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50121", }, { cve: "CVE-2024-50122", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50122", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Hold rescan lock while adding devices during host probe\n\nSince adding the PCI power control code, we may end up with a race between\nthe pwrctl platform device rescanning the bus and host controller probe\nfunctions. The latter need to take the rescan lock when adding devices or\nwe may end up in an undefined state having two incompletely added devices\nand hit the following crash when trying to remove the device over sysfs:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Internal error: Oops: 0000000096000004 [#1] SMP\n Call trace:\n __pi_strlen+0x14/0x150\n kernfs_find_ns+0x80/0x13c\n kernfs_remove_by_name_ns+0x54/0xf0\n sysfs_remove_bin_file+0x24/0x34\n pci_remove_resource_files+0x3c/0x84\n pci_remove_sysfs_dev_files+0x28/0x38\n pci_stop_bus_device+0x8c/0xd8\n pci_stop_bus_device+0x40/0xd8\n pci_stop_and_remove_bus_device_locked+0x28/0x48\n remove_store+0x70/0xb0\n dev_attr_store+0x20/0x38\n sysfs_kf_write+0x58/0x78\n kernfs_fop_write_iter+0xe8/0x184\n vfs_write+0x2dc/0x308\n ksys_write+0x7c/0xec", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50122", url: "https://www.suse.com/security/cve/CVE-2024-50122", }, { category: "external", summary: "SUSE Bug 1232930 for CVE-2024-50122", url: "https://bugzilla.suse.com/1232930", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50122", }, { cve: "CVE-2024-50123", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50123", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add the missing BPF_LINK_TYPE invocation for sockmap\n\nThere is an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap\nlink fd. Fix it by adding the missing BPF_LINK_TYPE invocation for\nsockmap link\n\nAlso add comments for bpf_link_type to prevent missing updates in the\nfuture.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50123", url: "https://www.suse.com/security/cve/CVE-2024-50123", }, { category: "external", summary: "SUSE Bug 1232857 for CVE-2024-50123", url: "https://bugzilla.suse.com/1232857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50123", }, { cve: "CVE-2024-50124", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50124", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix UAF on iso_sock_timeout\n\nconn->sk maybe have been unlinked/freed while waiting for iso_conn_lock\nso this checks if the conn->sk is still valid by checking if it part of\niso_sk_list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50124", url: "https://www.suse.com/security/cve/CVE-2024-50124", }, { category: "external", summary: "SUSE Bug 1232926 for CVE-2024-50124", url: "https://bugzilla.suse.com/1232926", }, { category: "external", summary: "SUSE Bug 1232927 for CVE-2024-50124", url: "https://bugzilla.suse.com/1232927", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50124", }, { cve: "CVE-2024-50125", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50125", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn->sk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn->sk is still valid by checking if it part of\nsco_sk_list.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50125", url: "https://www.suse.com/security/cve/CVE-2024-50125", }, { category: "external", summary: "SUSE Bug 1232928 for CVE-2024-50125", url: "https://bugzilla.suse.com/1232928", }, { category: "external", summary: "SUSE Bug 1232929 for CVE-2024-50125", url: "https://bugzilla.suse.com/1232929", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50125", }, { cve: "CVE-2024-50126", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50126", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in 'taprio_dump()' by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50126", url: "https://www.suse.com/security/cve/CVE-2024-50126", }, { category: "external", summary: "SUSE Bug 1232895 for CVE-2024-50126", url: "https://bugzilla.suse.com/1232895", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50126", }, { cve: "CVE-2024-50127", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50127", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix use-after-free in taprio_change()\n\nIn 'taprio_change()', 'admin' pointer may become dangling due to sched\nswitch / removal caused by 'advance_sched()', and critical section\nprotected by 'q->current_entry_lock' is too small to prevent from such\na scenario (which causes use-after-free detected by KASAN). Fix this\nby prefer 'rcu_replace_pointer()' over 'rcu_assign_pointer()' to update\n'admin' immediately before an attempt to schedule freeing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50127", url: "https://www.suse.com/security/cve/CVE-2024-50127", }, { category: "external", summary: "SUSE Bug 1232907 for CVE-2024-50127", url: "https://bugzilla.suse.com/1232907", }, { category: "external", summary: "SUSE Bug 1232908 for CVE-2024-50127", url: "https://bugzilla.suse.com/1232908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50127", }, { cve: "CVE-2024-50128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50128", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: fix global oob in wwan_rtnl_policy\n\nThe variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to\na global out-of-bounds read when parsing the netlink attributes. Exactly\nsame bug cause as the oob fixed in commit b33fb5b801c6 (\"net: qualcomm:\nrmnet: fix global oob in rmnet_policy\").\n\n==================================================================\nBUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:388 [inline]\nBUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x19d7/0x29a0 lib/nlattr.c:603\nRead of size 1 at addr ffffffff8b09cb60 by task syz.1.66276/323862\n\nCPU: 0 PID: 323862 Comm: syz.1.66276 Not tainted 6.1.70 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x177/0x231 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x14f/0x750 mm/kasan/report.c:395\n kasan_report+0x139/0x170 mm/kasan/report.c:495\n validate_nla lib/nlattr.c:388 [inline]\n __nla_validate_parse+0x19d7/0x29a0 lib/nlattr.c:603\n __nla_parse+0x3c/0x50 lib/nlattr.c:700\n nla_parse_nested_deprecated include/net/netlink.h:1269 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3514 [inline]\n rtnl_newlink+0x7bc/0x1fd0 net/core/rtnetlink.c:3623\n rtnetlink_rcv_msg+0x794/0xef0 net/core/rtnetlink.c:6122\n netlink_rcv_skb+0x1de/0x420 net/netlink/af_netlink.c:2508\n netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline]\n netlink_unicast+0x74b/0x8c0 net/netlink/af_netlink.c:1352\n netlink_sendmsg+0x882/0xb90 net/netlink/af_netlink.c:1874\n sock_sendmsg_nosec net/socket.c:716 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x5cc/0x8f0 net/socket.c:2499\n ___sys_sendmsg+0x21c/0x290 net/socket.c:2553\n __sys_sendmsg net/socket.c:2582 [inline]\n __do_sys_sendmsg net/socket.c:2591 [inline]\n __se_sys_sendmsg+0x19e/0x270 net/socket.c:2589\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x45/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f67b19a24ad\nRSP: 002b:00007f67b17febb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f67b1b45f80 RCX: 00007f67b19a24ad\nRDX: 0000000000000000 RSI: 0000000020005e40 RDI: 0000000000000004\nRBP: 00007f67b1a1e01d R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007ffd2513764f R14: 00007ffd251376e0 R15: 00007f67b17fed40\n </TASK>\n\nThe buggy address belongs to the variable:\n wwan_rtnl_policy+0x20/0x40\n\nThe buggy address belongs to the physical page:\npage:ffffea00002c2700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb09c\nflags: 0xfff00000001000(reserved|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000001000 ffffea00002c2708 ffffea00002c2708 0000000000000000\nraw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner info is not present (never set?)\n\nMemory state around the buggy address:\n ffffffff8b09ca00: 05 f9 f9 f9 05 f9 f9 f9 00 01 f9 f9 00 01 f9 f9\n ffffffff8b09ca80: 00 00 00 05 f9 f9 f9 f9 00 00 03 f9 f9 f9 f9 f9\n>ffffffff8b09cb00: 00 00 00 00 05 f9 f9 f9 00 00 00 00 f9 f9 f9 f9\n ^\n ffffffff8b09cb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n==================================================================\n\nAccording to the comment of `nla_parse_nested_deprecated`, use correct size\n`IFLA_WWAN_MAX` here to fix this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50128", url: "https://www.suse.com/security/cve/CVE-2024-50128", }, { category: "external", summary: "SUSE Bug 1232905 for CVE-2024-50128", url: "https://bugzilla.suse.com/1232905", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50128", }, { cve: "CVE-2024-50129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50129", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: pse-pd: Fix out of bound for loop\n\nAdjust the loop limit to prevent out-of-bounds access when iterating over\nPI structures. The loop should not reach the index pcdev->nr_lines since\nwe allocate exactly pcdev->nr_lines number of PI structures. This fix\nensures proper bounds are maintained during iterations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50129", url: "https://www.suse.com/security/cve/CVE-2024-50129", }, { category: "external", summary: "SUSE Bug 1232856 for CVE-2024-50129", url: "https://bugzilla.suse.com/1232856", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50129", }, { cve: "CVE-2024-50130", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50130", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bpf: must hold reference on net namespace\n\nBUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0\nRead of size 8 at addr ffff8880106fe400 by task repro/72=\nbpf_nf_link_release+0xda/0x1e0\nbpf_link_free+0x139/0x2d0\nbpf_link_release+0x68/0x80\n__fput+0x414/0xb60\n\nEric says:\n It seems that bpf was able to defer the __nf_unregister_net_hook()\n after exit()/close() time.\n Perhaps a netns reference is missing, because the netns has been\n dismantled/freed already.\n bpf_nf_link_attach() does :\n link->net = net;\n But I do not see a reference being taken on net.\n\nAdd such a reference and release it after hook unreg.\nNote that I was unable to get syzbot reproducer to work, so I\ndo not know if this resolves this splat.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50130", url: "https://www.suse.com/security/cve/CVE-2024-50130", }, { category: "external", summary: "SUSE Bug 1232894 for CVE-2024-50130", url: "https://bugzilla.suse.com/1232894", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50130", }, { cve: "CVE-2024-50131", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50131", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Consider the NULL character when validating the event length\n\nstrlen() returns a string length excluding the null byte. If the string\nlength equals to the maximum buffer length, the buffer will have no\nspace for the NULL terminating character.\n\nThis commit checks this condition and returns failure for it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50131", url: "https://www.suse.com/security/cve/CVE-2024-50131", }, { category: "external", summary: "SUSE Bug 1232896 for CVE-2024-50131", url: "https://bugzilla.suse.com/1232896", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50131", }, { cve: "CVE-2024-50132", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50132", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/probes: Fix MAX_TRACE_ARGS limit handling\n\nWhen creating a trace_probe we would set nr_args prior to truncating the\narguments to MAX_TRACE_ARGS. However, we would only initialize arguments\nup to the limit.\n\nThis caused invalid memory access when attempting to set up probes with\nmore than 128 fetchargs.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 UID: 0 PID: 1769 Comm: cat Not tainted 6.11.0-rc7+ #8\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014\n RIP: 0010:__set_print_fmt+0x134/0x330\n\nResolve the issue by applying the MAX_TRACE_ARGS limit earlier. Return\nan error when there are too many arguments instead of silently\ntruncating.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50132", url: "https://www.suse.com/security/cve/CVE-2024-50132", }, { category: "external", summary: "SUSE Bug 1232861 for CVE-2024-50132", url: "https://bugzilla.suse.com/1232861", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50132", }, { cve: "CVE-2024-50133", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50133", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nLoongArch: Don't crash in stack_top() for tasks without vDSO\n\nNot all tasks have a vDSO mapped, for example kthreads never do. If such\na task ever ends up calling stack_top(), it will derefence the NULL vdso\npointer and crash.\n\nThis can for example happen when using kunit:\n\n\t[<9000000000203874>] stack_top+0x58/0xa8\n\t[<90000000002956cc>] arch_pick_mmap_layout+0x164/0x220\n\t[<90000000003c284c>] kunit_vm_mmap_init+0x108/0x12c\n\t[<90000000003c1fbc>] __kunit_add_resource+0x38/0x8c\n\t[<90000000003c2704>] kunit_vm_mmap+0x88/0xc8\n\t[<9000000000410b14>] usercopy_test_init+0xbc/0x25c\n\t[<90000000003c1db4>] kunit_try_run_case+0x5c/0x184\n\t[<90000000003c3d54>] kunit_generic_run_threadfn_adapter+0x24/0x48\n\t[<900000000022e4bc>] kthread+0xc8/0xd4\n\t[<9000000000200ce8>] ret_from_kernel_thread+0xc/0xa4", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50133", url: "https://www.suse.com/security/cve/CVE-2024-50133", }, { category: "external", summary: "SUSE Bug 1232854 for CVE-2024-50133", url: "https://bugzilla.suse.com/1232854", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50133", }, { cve: "CVE-2024-50134", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50134", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA\n\nReplace the fake VLA at end of the vbva_mouse_pointer_shape shape with\na real VLA to fix a \"memcpy: detected field-spanning write error\" warning:\n\n[ 13.319813] memcpy: detected field-spanning write (size 16896) of single field \"p->data\" at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 (size 4)\n[ 13.319841] WARNING: CPU: 0 PID: 1105 at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 hgsmi_update_pointer_shape+0x192/0x1c0 [vboxvideo]\n[ 13.320038] Call Trace:\n[ 13.320173] hgsmi_update_pointer_shape [vboxvideo]\n[ 13.320184] vbox_cursor_atomic_update [vboxvideo]\n\nNote as mentioned in the added comment it seems the original length\ncalculation for the allocated and send hgsmi buffer is 4 bytes too large.\nChanging this is not the goal of this patch, so this behavior is kept.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50134", url: "https://www.suse.com/security/cve/CVE-2024-50134", }, { category: "external", summary: "SUSE Bug 1232890 for CVE-2024-50134", url: "https://bugzilla.suse.com/1232890", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50134", }, { cve: "CVE-2024-50135", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50135", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-pci: fix race condition between reset and nvme_dev_disable()\n\nnvme_dev_disable() modifies the dev->online_queues field, therefore\nnvme_pci_update_nr_queues() should avoid racing against it, otherwise\nwe could end up passing invalid values to blk_mq_update_nr_hw_queues().\n\n WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347\n pci_irq_get_affinity+0x187/0x210\n Workqueue: nvme-reset-wq nvme_reset_work [nvme]\n RIP: 0010:pci_irq_get_affinity+0x187/0x210\n Call Trace:\n <TASK>\n ? blk_mq_pci_map_queues+0x87/0x3c0\n ? pci_irq_get_affinity+0x187/0x210\n blk_mq_pci_map_queues+0x87/0x3c0\n nvme_pci_map_queues+0x189/0x460 [nvme]\n blk_mq_update_nr_hw_queues+0x2a/0x40\n nvme_reset_work+0x1be/0x2a0 [nvme]\n\nFix the bug by locking the shutdown_lock mutex before using\ndev->online_queues. Give up if nvme_dev_disable() is running or if\nit has been executed already.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50135", url: "https://www.suse.com/security/cve/CVE-2024-50135", }, { category: "external", summary: "SUSE Bug 1232888 for CVE-2024-50135", url: "https://bugzilla.suse.com/1232888", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50135", }, { cve: "CVE-2024-50136", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50136", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Unregister notifier on eswitch init failure\n\nIt otherwise remains registered and a subsequent attempt at eswitch\nenabling might trigger warnings of the sort:\n\n[ 682.589148] ------------[ cut here ]------------\n[ 682.590204] notifier callback eswitch_vport_event [mlx5_core] already registered\n[ 682.590256] WARNING: CPU: 13 PID: 2660 at kernel/notifier.c:31 notifier_chain_register+0x3e/0x90\n[...snipped]\n[ 682.610052] Call Trace:\n[ 682.610369] <TASK>\n[ 682.610663] ? __warn+0x7c/0x110\n[ 682.611050] ? notifier_chain_register+0x3e/0x90\n[ 682.611556] ? report_bug+0x148/0x170\n[ 682.611977] ? handle_bug+0x36/0x70\n[ 682.612384] ? exc_invalid_op+0x13/0x60\n[ 682.612817] ? asm_exc_invalid_op+0x16/0x20\n[ 682.613284] ? notifier_chain_register+0x3e/0x90\n[ 682.613789] atomic_notifier_chain_register+0x25/0x40\n[ 682.614322] mlx5_eswitch_enable_locked+0x1d4/0x3b0 [mlx5_core]\n[ 682.614965] mlx5_eswitch_enable+0xc9/0x100 [mlx5_core]\n[ 682.615551] mlx5_device_enable_sriov+0x25/0x340 [mlx5_core]\n[ 682.616170] mlx5_core_sriov_configure+0x50/0x170 [mlx5_core]\n[ 682.616789] sriov_numvfs_store+0xb0/0x1b0\n[ 682.617248] kernfs_fop_write_iter+0x117/0x1a0\n[ 682.617734] vfs_write+0x231/0x3f0\n[ 682.618138] ksys_write+0x63/0xe0\n[ 682.618536] do_syscall_64+0x4c/0x100\n[ 682.618958] entry_SYSCALL_64_after_hwframe+0x4b/0x53", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50136", url: "https://www.suse.com/security/cve/CVE-2024-50136", }, { category: "external", summary: "SUSE Bug 1232914 for CVE-2024-50136", url: "https://bugzilla.suse.com/1232914", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-50136", }, { cve: "CVE-2024-50137", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50137", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nreset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC\n\ndata->asserted will be NULL on JH7110 SoC since commit 82327b127d41\n(\"reset: starfive: Add StarFive JH7110 reset driver\") was added. Add\nthe judgment condition to avoid errors when calling reset_control_status\non JH7110 SoC.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50137", url: "https://www.suse.com/security/cve/CVE-2024-50137", }, { category: "external", summary: "SUSE Bug 1232932 for CVE-2024-50137", url: "https://bugzilla.suse.com/1232932", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50137", }, { cve: "CVE-2024-50138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50138", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Use raw_spinlock_t in ringbuf\n\nThe function __bpf_ringbuf_reserve is invoked from a tracepoint, which\ndisables preemption. Using spinlock_t in this context can lead to a\n\"sleep in atomic\" warning in the RT variant. This issue is illustrated\nin the example below:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 556208, name: test_progs\npreempt_count: 1, expected: 0\nRCU nest depth: 1, expected: 1\nINFO: lockdep is turned off.\nPreemption disabled at:\n[<ffffd33a5c88ea44>] migrate_enable+0xc0/0x39c\nCPU: 7 PID: 556208 Comm: test_progs Tainted: G\nHardware name: Qualcomm SA8775P Ride (DT)\nCall trace:\n dump_backtrace+0xac/0x130\n show_stack+0x1c/0x30\n dump_stack_lvl+0xac/0xe8\n dump_stack+0x18/0x30\n __might_resched+0x3bc/0x4fc\n rt_spin_lock+0x8c/0x1a4\n __bpf_ringbuf_reserve+0xc4/0x254\n bpf_ringbuf_reserve_dynptr+0x5c/0xdc\n bpf_prog_ac3d15160d62622a_test_read_write+0x104/0x238\n trace_call_bpf+0x238/0x774\n perf_call_bpf_enter.isra.0+0x104/0x194\n perf_syscall_enter+0x2f8/0x510\n trace_sys_enter+0x39c/0x564\n syscall_trace_enter+0x220/0x3c0\n do_el0_svc+0x138/0x1dc\n el0_svc+0x54/0x130\n el0t_64_sync_handler+0x134/0x150\n el0t_64_sync+0x17c/0x180\n\nSwitch the spinlock to raw_spinlock_t to avoid this error.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50138", url: "https://www.suse.com/security/cve/CVE-2024-50138", }, { category: "external", summary: "SUSE Bug 1232935 for CVE-2024-50138", url: "https://bugzilla.suse.com/1232935", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50138", }, { cve: "CVE-2024-50139", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50139", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix shift-out-of-bounds bug\n\nFix a shift-out-of-bounds bug reported by UBSAN when running\nVM with MTE enabled host kernel.\n\nUBSAN: shift-out-of-bounds in arch/arm64/kvm/sys_regs.c:1988:14\nshift exponent 33 is too large for 32-bit type 'int'\nCPU: 26 UID: 0 PID: 7629 Comm: qemu-kvm Not tainted 6.12.0-rc2 #34\nHardware name: IEI NF5280R7/Mitchell MB, BIOS 00.00. 2024-10-12 09:28:54 10/14/2024\nCall trace:\n dump_backtrace+0xa0/0x128\n show_stack+0x20/0x38\n dump_stack_lvl+0x74/0x90\n dump_stack+0x18/0x28\n __ubsan_handle_shift_out_of_bounds+0xf8/0x1e0\n reset_clidr+0x10c/0x1c8\n kvm_reset_sys_regs+0x50/0x1c8\n kvm_reset_vcpu+0xec/0x2b0\n __kvm_vcpu_set_target+0x84/0x158\n kvm_vcpu_set_target+0x138/0x168\n kvm_arch_vcpu_ioctl_vcpu_init+0x40/0x2b0\n kvm_arch_vcpu_ioctl+0x28c/0x4b8\n kvm_vcpu_ioctl+0x4bc/0x7a8\n __arm64_sys_ioctl+0xb4/0x100\n invoke_syscall+0x70/0x100\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x3c/0x158\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x194/0x198", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50139", url: "https://www.suse.com/security/cve/CVE-2024-50139", }, { category: "external", summary: "SUSE Bug 1233062 for CVE-2024-50139", url: "https://bugzilla.suse.com/1233062", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50139", }, { cve: "CVE-2024-50140", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50140", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq->__lock ]\n -> task_tick_mm_cid()\n -> task_work_add()\n -> __kasan_record_aux_stack()\n -> kasan_save_stack()\n -> stack_depot_save_flags()\n -> alloc_pages_mpol_noprof()\n -> __alloc_pages_noprof()\n\t -> get_page_from_freelist()\n\t -> rmqueue()\n\t -> rmqueue_pcplist()\n\t -> __rmqueue_pcplist()\n\t -> rmqueue_bulk()\n\t -> rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can't sleep while holding\nit. IOW, we can't call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50140", url: "https://www.suse.com/security/cve/CVE-2024-50140", }, { category: "external", summary: "SUSE Bug 1233060 for CVE-2024-50140", url: "https://bugzilla.suse.com/1233060", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50140", }, { cve: "CVE-2024-50141", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50141", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context\n\nPRMT needs to find the correct type of block to translate the PA-VA\nmapping for EFI runtime services.\n\nThe issue arises because the PRMT is finding a block of type\nEFI_CONVENTIONAL_MEMORY, which is not appropriate for runtime services\nas described in Section 2.2.2 (Runtime Services) of the UEFI\nSpecification [1]. Since the PRM handler is a type of runtime service,\nthis causes an exception when the PRM handler is called.\n\n [Firmware Bug]: Unable to handle paging request in EFI runtime service\n WARNING: CPU: 22 PID: 4330 at drivers/firmware/efi/runtime-wrappers.c:341\n __efi_queue_work+0x11c/0x170\n Call trace:\n\nLet PRMT find a block with EFI_MEMORY_RUNTIME for PRM handler and PRM\ncontext.\n\nIf no suitable block is found, a warning message will be printed, but\nthe procedure continues to manage the next PRM handler.\n\nHowever, if the PRM handler is actually called without proper allocation,\nit would result in a failure during error handling.\n\nBy using the correct memory types for runtime services, ensure that the\nPRM handler and the context are properly mapped in the virtual address\nspace during runtime, preventing the paging request error.\n\nThe issue is really that only memory that has been remapped for runtime\nby the firmware can be used by the PRM handler, and so the region needs\nto have the EFI_MEMORY_RUNTIME attribute.\n\n[ rjw: Subject and changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50141", url: "https://www.suse.com/security/cve/CVE-2024-50141", }, { category: "external", summary: "SUSE Bug 1233065 for CVE-2024-50141", url: "https://bugzilla.suse.com/1233065", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50141", }, { cve: "CVE-2024-50142", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50142", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA's prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn't put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx->sel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that's how\nprefixlen is going to be used later on.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50142", url: "https://www.suse.com/security/cve/CVE-2024-50142", }, { category: "external", summary: "SUSE Bug 1233028 for CVE-2024-50142", url: "https://bugzilla.suse.com/1233028", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50142", }, { cve: "CVE-2024-50143", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50143", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: fix uninit-value use in udf_get_fileshortad\n\nCheck for overflow when computing alen in udf_current_aext to mitigate\nlater uninit-value use in udf_get_fileshortad KMSAN bug[1].\nAfter applying the patch reproducer did not trigger any issue[2].\n\n[1] https://syzkaller.appspot.com/bug?extid=8901c4560b7ab5c2f9df\n[2] https://syzkaller.appspot.com/x/log.txt?x=10242227980000", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50143", url: "https://www.suse.com/security/cve/CVE-2024-50143", }, { category: "external", summary: "SUSE Bug 1233038 for CVE-2024-50143", url: "https://bugzilla.suse.com/1233038", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50143", }, { cve: "CVE-2024-50144", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50144", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: fix unbalanced rpm put() with fence_fini()\n\nCurrently we can call fence_fini() twice if something goes wrong when\nsending the GuC CT for the tlb request, since we signal the fence and\nreturn an error, leading to the caller also calling fini() on the error\npath in the case of stack version of the flow, which leads to an extra\nrpm put() which might later cause device to enter suspend when it\nshouldn't. It looks like we can just drop the fini() call since the\nfence signaller side will already call this for us.\n\nThere are known mysterious splats with device going to sleep even with\nan rpm ref, and this could be one candidate.\n\nv2 (Matt B):\n - Prefer warning if we detect double fini()\n\n(cherry picked from commit cfcbc0520d5055825f0647ab922b655688605183)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50144", url: "https://www.suse.com/security/cve/CVE-2024-50144", }, { category: "external", summary: "SUSE Bug 1233040 for CVE-2024-50144", url: "https://bugzilla.suse.com/1233040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 2.5, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-50144", }, { cve: "CVE-2024-50145", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50145", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()\n\nbuild_skb() returns NULL in case of a memory allocation failure so handle\nit inside __octep_oq_process_rx() to avoid NULL pointer dereference.\n\n__octep_oq_process_rx() is called during NAPI polling by the driver. If\nskb allocation fails, keep on pulling packets out of the Rx DMA queue: we\nshouldn't break the polling immediately and thus falsely indicate to the\noctep_napi_poll() that the Rx pressure is going down. As there is no\nassociated skb in this case, don't process the packets and don't push them\nup the network stack - they are skipped.\n\nHelper function is implemented to unmmap/flush all the fragment buffers\nused by the dropped packet. 'alloc_failures' counter is incremented to\nmark the skb allocation error in driver statistics.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50145", url: "https://www.suse.com/security/cve/CVE-2024-50145", }, { category: "external", summary: "SUSE Bug 1233044 for CVE-2024-50145", url: "https://bugzilla.suse.com/1233044", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50145", }, { cve: "CVE-2024-50146", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50146", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Don't call cleanup on profile rollback failure\n\nWhen profile rollback fails in mlx5e_netdev_change_profile, the netdev\nprofile var is left set to NULL. Avoid a crash when unloading the driver\nby not calling profile->cleanup in such a case.\n\nThis was encountered while testing, with the original trigger that\nthe wq rescuer thread creation got interrupted (presumably due to\nCtrl+C-ing modprobe), which gets converted to ENOMEM (-12) by\nmlx5e_priv_init, the profile rollback also fails for the same reason\n(signal still active) so the profile is left as NULL, leading to a crash\nlater in _mlx5e_remove.\n\n [ 732.473932] mlx5_core 0000:08:00.1: E-Switch: Unload vfs: mode(OFFLOADS), nvfs(2), necvfs(0), active vports(2)\n [ 734.525513] workqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\n [ 734.557372] mlx5_core 0000:08:00.1: mlx5e_netdev_init_profile:6235:(pid 6086): mlx5e_priv_init failed, err=-12\n [ 734.559187] mlx5_core 0000:08:00.1 eth3: mlx5e_netdev_change_profile: new profile init failed, -12\n [ 734.560153] workqueue: Failed to create a rescuer kthread for wq \"mlx5e\": -EINTR\n [ 734.589378] mlx5_core 0000:08:00.1: mlx5e_netdev_init_profile:6235:(pid 6086): mlx5e_priv_init failed, err=-12\n [ 734.591136] mlx5_core 0000:08:00.1 eth3: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12\n [ 745.537492] BUG: kernel NULL pointer dereference, address: 0000000000000008\n [ 745.538222] #PF: supervisor read access in kernel mode\n<snipped>\n [ 745.551290] Call Trace:\n [ 745.551590] <TASK>\n [ 745.551866] ? __die+0x20/0x60\n [ 745.552218] ? page_fault_oops+0x150/0x400\n [ 745.555307] ? exc_page_fault+0x79/0x240\n [ 745.555729] ? asm_exc_page_fault+0x22/0x30\n [ 745.556166] ? mlx5e_remove+0x6b/0xb0 [mlx5_core]\n [ 745.556698] auxiliary_bus_remove+0x18/0x30\n [ 745.557134] device_release_driver_internal+0x1df/0x240\n [ 745.557654] bus_remove_device+0xd7/0x140\n [ 745.558075] device_del+0x15b/0x3c0\n [ 745.558456] mlx5_rescan_drivers_locked.part.0+0xb1/0x2f0 [mlx5_core]\n [ 745.559112] mlx5_unregister_device+0x34/0x50 [mlx5_core]\n [ 745.559686] mlx5_uninit_one+0x46/0xf0 [mlx5_core]\n [ 745.560203] remove_one+0x4e/0xd0 [mlx5_core]\n [ 745.560694] pci_device_remove+0x39/0xa0\n [ 745.561112] device_release_driver_internal+0x1df/0x240\n [ 745.561631] driver_detach+0x47/0x90\n [ 745.562022] bus_remove_driver+0x84/0x100\n [ 745.562444] pci_unregister_driver+0x3b/0x90\n [ 745.562890] mlx5_cleanup+0xc/0x1b [mlx5_core]\n [ 745.563415] __x64_sys_delete_module+0x14d/0x2f0\n [ 745.563886] ? kmem_cache_free+0x1b0/0x460\n [ 745.564313] ? lockdep_hardirqs_on_prepare+0xe2/0x190\n [ 745.564825] do_syscall_64+0x6d/0x140\n [ 745.565223] entry_SYSCALL_64_after_hwframe+0x4b/0x53\n [ 745.565725] RIP: 0033:0x7f1579b1288b", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50146", url: "https://www.suse.com/security/cve/CVE-2024-50146", }, { category: "external", summary: "SUSE Bug 1233056 for CVE-2024-50146", url: "https://bugzilla.suse.com/1233056", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50146", }, { cve: "CVE-2024-50147", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50147", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix command bitmask initialization\n\nCommand bitmask have a dedicated bit for MANAGE_PAGES command, this bit\nisn't Initialize during command bitmask Initialization, only during\nMANAGE_PAGES.\n\nIn addition, mlx5_cmd_trigger_completions() is trying to trigger\ncompletion for MANAGE_PAGES command as well.\n\nHence, in case health error occurred before any MANAGE_PAGES command\nhave been invoke (for example, during mlx5_enable_hca()),\nmlx5_cmd_trigger_completions() will try to trigger completion for\nMANAGE_PAGES command, which will result in null-ptr-deref error.[1]\n\nFix it by Initialize command bitmask correctly.\n\nWhile at it, re-write the code for better understanding.\n\n[1]\nBUG: KASAN: null-ptr-deref in mlx5_cmd_trigger_completions+0x1db/0x600 [mlx5_core]\nWrite of size 4 at addr 0000000000000214 by task kworker/u96:2/12078\nCPU: 10 PID: 12078 Comm: kworker/u96:2 Not tainted 6.9.0-rc2_for_upstream_debug_2024_04_07_19_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nWorkqueue: mlx5_health0000:08:00.0 mlx5_fw_fatal_reporter_err_work [mlx5_core]\nCall Trace:\n <TASK>\n dump_stack_lvl+0x7e/0xc0\n kasan_report+0xb9/0xf0\n kasan_check_range+0xec/0x190\n mlx5_cmd_trigger_completions+0x1db/0x600 [mlx5_core]\n mlx5_cmd_flush+0x94/0x240 [mlx5_core]\n enter_error_state+0x6c/0xd0 [mlx5_core]\n mlx5_fw_fatal_reporter_err_work+0xf3/0x480 [mlx5_core]\n process_one_work+0x787/0x1490\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? pwq_dec_nr_in_flight+0xda0/0xda0\n ? assign_work+0x168/0x240\n worker_thread+0x586/0xd30\n ? rescuer_thread+0xae0/0xae0\n kthread+0x2df/0x3b0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x70\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50147", url: "https://www.suse.com/security/cve/CVE-2024-50147", }, { category: "external", summary: "SUSE Bug 1233067 for CVE-2024-50147", url: "https://bugzilla.suse.com/1233067", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50147", }, { cve: "CVE-2024-50148", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50148", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere's issue as follows:\n KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W\n RIP: 0010:proto_unregister+0xee/0x400\n Call Trace:\n <TASK>\n __do_sys_delete_module+0x318/0x580\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()'s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock's resource.\nTo solve above issue just return bnep_sock_init()'s return value in\nbnep_exit().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50148", url: "https://www.suse.com/security/cve/CVE-2024-50148", }, { category: "external", summary: "SUSE Bug 1233063 for CVE-2024-50148", url: "https://bugzilla.suse.com/1233063", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50148", }, { cve: "CVE-2024-50149", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50149", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Don't free job in TDR\n\nFreeing job in TDR is not safe as TDR can pass the run_job thread\nresulting in UAF. It is only safe for free job to naturally be called by\nthe scheduler. Rather free job in TDR, add to pending list.\n\n(cherry picked from commit ea2f6a77d0c40d97f4a4dc93fee4afe15d94926d)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50149", url: "https://www.suse.com/security/cve/CVE-2024-50149", }, { category: "external", summary: "SUSE Bug 1233034 for CVE-2024-50149", url: "https://bugzilla.suse.com/1233034", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50149", }, { cve: "CVE-2024-50150", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50150", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmode should keep reference to parent\n\nThe altmode device release refers to its parent device, but without keeping\na reference to it.\n\nWhen registering the altmode, get a reference to the parent and put it in\nthe release function.\n\nBefore this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues\nlike this:\n\n[ 43.572860] kobject: 'port0.0' (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.573532] kobject: 'port0.1' (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000)\n[ 43.574407] kobject: 'port0' (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.575059] kobject: 'port1.0' (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.575908] kobject: 'port1.1' (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.576908] kobject: 'typec' (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.577769] kobject: 'port1' (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 46.612867] ==================================================================\n[ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129\n[ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48\n[ 46.614538]\n[ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535\n[ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 46.616042] Workqueue: events kobject_delayed_cleanup\n[ 46.616446] Call Trace:\n[ 46.616648] <TASK>\n[ 46.616820] dump_stack_lvl+0x5b/0x7c\n[ 46.617112] ? typec_altmode_release+0x38/0x129\n[ 46.617470] print_report+0x14c/0x49e\n[ 46.617769] ? rcu_read_unlock_sched+0x56/0x69\n[ 46.618117] ? __virt_addr_valid+0x19a/0x1ab\n[ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d\n[ 46.618807] ? typec_altmode_release+0x38/0x129\n[ 46.619161] kasan_report+0x8d/0xb4\n[ 46.619447] ? typec_altmode_release+0x38/0x129\n[ 46.619809] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620185] typec_altmode_release+0x38/0x129\n[ 46.620537] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620907] device_release+0xaf/0xf2\n[ 46.621206] kobject_delayed_cleanup+0x13b/0x17a\n[ 46.621584] process_scheduled_works+0x4f6/0x85f\n[ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10\n[ 46.622353] ? hlock_class+0x31/0x9a\n[ 46.622647] ? lock_acquired+0x361/0x3c3\n[ 46.622956] ? move_linked_works+0x46/0x7d\n[ 46.623277] worker_thread+0x1ce/0x291\n[ 46.623582] ? __kthread_parkme+0xc8/0xdf\n[ 46.623900] ? __pfx_worker_thread+0x10/0x10\n[ 46.624236] kthread+0x17e/0x190\n[ 46.624501] ? kthread+0xfb/0x190\n[ 46.624756] ? __pfx_kthread+0x10/0x10\n[ 46.625015] ret_from_fork+0x20/0x40\n[ 46.625268] ? __pfx_kthread+0x10/0x10\n[ 46.625532] ret_from_fork_asm+0x1a/0x30\n[ 46.625805] </TASK>\n[ 46.625953]\n[ 46.626056] Allocated by task 678:\n[ 46.626287] kasan_save_stack+0x24/0x44\n[ 46.626555] kasan_save_track+0x14/0x2d\n[ 46.626811] __kasan_kmalloc+0x3f/0x4d\n[ 46.627049] __kmalloc_noprof+0x1bf/0x1f0\n[ 46.627362] typec_register_port+0x23/0x491\n[ 46.627698] cros_typec_probe+0x634/0xbb6\n[ 46.628026] platform_probe+0x47/0x8c\n[ 46.628311] really_probe+0x20a/0x47d\n[ 46.628605] device_driver_attach+0x39/0x72\n[ 46.628940] bind_store+0x87/0xd7\n[ 46.629213] kernfs_fop_write_iter+0x1aa/0x218\n[ 46.629574] vfs_write+0x1d6/0x29b\n[ 46.629856] ksys_write+0xcd/0x13b\n[ 46.630128] do_syscall_64+0xd4/0x139\n[ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 46.630820]\n[ 46.630946] Freed by task 48:\n[ 46.631182] kasan_save_stack+0x24/0x44\n[ 46.631493] kasan_save_track+0x14/0x2d\n[ 46.631799] kasan_save_free_info+0x3f/0x4d\n[ 46.632144] __kasan_slab_free+0x37/0x45\n[ 46.632474]\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50150", url: "https://www.suse.com/security/cve/CVE-2024-50150", }, { category: "external", summary: "SUSE Bug 1233051 for CVE-2024-50150", url: "https://bugzilla.suse.com/1233051", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50150", }, { cve: "CVE-2024-50151", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50151", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix OOBs when building SMB2_IOCTL request\n\nWhen using encryption, either enforced by the server or when using\n'seal' mount option, the client will squash all compound request buffers\ndown for encryption into a single iov in smb2_set_next_command().\n\nSMB2_ioctl_init() allocates a small buffer (448 bytes) to hold the\nSMB2_IOCTL request in the first iov, and if the user passes an input\nbuffer that is greater than 328 bytes, smb2_set_next_command() will\nend up writing off the end of @rqst->iov[0].iov_base as shown below:\n\n mount.cifs //srv/share /mnt -o ...,seal\n ln -s $(perl -e \"print('a')for 1..1024\") /mnt/link\n\n BUG: KASAN: slab-out-of-bounds in\n smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n Write of size 4116 at addr ffff8881148fcab8 by task ln/859\n\n CPU: 1 UID: 0 PID: 859 Comm: ln Not tainted 6.12.0-rc3 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n 1.16.3-2.fc40 04/01/2014\n Call Trace:\n <TASK>\n dump_stack_lvl+0x5d/0x80\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n print_report+0x156/0x4d9\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n ? __virt_addr_valid+0x145/0x310\n ? __phys_addr+0x46/0x90\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n kasan_report+0xda/0x110\n ? smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n kasan_check_range+0x10f/0x1f0\n __asan_memcpy+0x3c/0x60\n smb2_set_next_command.cold+0x1d6/0x24c [cifs]\n smb2_compound_op+0x238c/0x3840 [cifs]\n ? kasan_save_track+0x14/0x30\n ? kasan_save_free_info+0x3b/0x70\n ? vfs_symlink+0x1a1/0x2c0\n ? do_symlinkat+0x108/0x1c0\n ? __pfx_smb2_compound_op+0x10/0x10 [cifs]\n ? kmem_cache_free+0x118/0x3e0\n ? cifs_get_writable_path+0xeb/0x1a0 [cifs]\n smb2_get_reparse_inode+0x423/0x540 [cifs]\n ? __pfx_smb2_get_reparse_inode+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? __kmalloc_noprof+0x37c/0x480\n ? smb2_create_reparse_symlink+0x257/0x490 [cifs]\n ? smb2_create_reparse_symlink+0x38f/0x490 [cifs]\n smb2_create_reparse_symlink+0x38f/0x490 [cifs]\n ? __pfx_smb2_create_reparse_symlink+0x10/0x10 [cifs]\n ? find_held_lock+0x8a/0xa0\n ? hlock_class+0x32/0xb0\n ? __build_path_from_dentry_optional_prefix+0x19d/0x2e0 [cifs]\n cifs_symlink+0x24f/0x960 [cifs]\n ? __pfx_make_vfsuid+0x10/0x10\n ? __pfx_cifs_symlink+0x10/0x10 [cifs]\n ? make_vfsgid+0x6b/0xc0\n ? generic_permission+0x96/0x2d0\n vfs_symlink+0x1a1/0x2c0\n do_symlinkat+0x108/0x1c0\n ? __pfx_do_symlinkat+0x10/0x10\n ? strncpy_from_user+0xaa/0x160\n __x64_sys_symlinkat+0xb9/0xf0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f08d75c13bb", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50151", url: "https://www.suse.com/security/cve/CVE-2024-50151", }, { category: "external", summary: "SUSE Bug 1233055 for CVE-2024-50151", url: "https://bugzilla.suse.com/1233055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50151", }, { cve: "CVE-2024-50152", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50152", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n'ea is initialized to NULL' -> 'first successful memory allocation for\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\nfor ea' -> 'second memory release for ea resulted in double free'.\n\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\ndouble free problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50152", url: "https://www.suse.com/security/cve/CVE-2024-50152", }, { category: "external", summary: "SUSE Bug 1233033 for CVE-2024-50152", url: "https://bugzilla.suse.com/1233033", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50152", }, { cve: "CVE-2024-50153", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50153", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Fix null-ptr-deref in target_alloc_device()\n\nThere is a null-ptr-deref issue reported by KASAN:\n\nBUG: KASAN: null-ptr-deref in target_alloc_device+0xbc4/0xbe0 [target_core_mod]\n...\n kasan_report+0xb9/0xf0\n target_alloc_device+0xbc4/0xbe0 [target_core_mod]\n core_dev_setup_virtual_lun0+0xef/0x1f0 [target_core_mod]\n target_core_init_configfs+0x205/0x420 [target_core_mod]\n do_one_initcall+0xdd/0x4e0\n...\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nIn target_alloc_device(), if allocing memory for dev queues fails, then\ndev will be freed by dev->transport->free_device(), but dev->transport\nis not initialized at that time, which will lead to a null pointer\nreference problem.\n\nFixing this bug by freeing dev with hba->backend->ops->free_device().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50153", url: "https://www.suse.com/security/cve/CVE-2024-50153", }, { category: "external", summary: "SUSE Bug 1233061 for CVE-2024-50153", url: "https://bugzilla.suse.com/1233061", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50153", }, { cve: "CVE-2024-50154", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50154", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req->sk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer->entry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req->sk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req->sk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req->sk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req->sk\n\nLet's not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50154", url: "https://www.suse.com/security/cve/CVE-2024-50154", }, { category: "external", summary: "SUSE Bug 1233070 for CVE-2024-50154", url: "https://bugzilla.suse.com/1233070", }, { category: "external", summary: "SUSE Bug 1233072 for CVE-2024-50154", url: "https://bugzilla.suse.com/1233072", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50154", }, { cve: "CVE-2024-50155", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50155", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: use cond_resched() in nsim_dev_trap_report_work()\n\nI am still seeing many syzbot reports hinting that syzbot\nmight fool nsim_dev_trap_report_work() with hundreds of ports [1]\n\nLets use cond_resched(), and system_unbound_wq\ninstead of implicit system_wq.\n\n[1]\nINFO: task syz-executor:20633 blocked for more than 143 seconds.\n Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:syz-executor state:D stack:25856 pid:20633 tgid:20633 ppid:1 flags:0x00004006\n...\nNMI backtrace for cpu 1\nCPU: 1 UID: 0 PID: 16760 Comm: kworker/1:0 Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events nsim_dev_trap_report_work\n RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:210\nCode: 89 fb e8 23 00 00 00 48 8b 3d 04 fb 9c 0c 48 89 de 5b e9 c3 c7 5d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d7 03 00 65 8b 15 60 f0\nRSP: 0018:ffffc90000a187e8 EFLAGS: 00000246\nRAX: 0000000000000100 RBX: ffffc90000a188e0 RCX: ffff888027d3bc00\nRDX: ffff888027d3bc00 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffff88804a2e6000 R08: ffffffff8a4bc495 R09: ffffffff89da3577\nR10: 0000000000000004 R11: ffffffff8a4bc2b0 R12: dffffc0000000000\nR13: ffff88806573b503 R14: dffffc0000000000 R15: ffff8880663cca00\nFS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fc90a747f98 CR3: 000000000e734000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 000000000000002b DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400\nCall Trace:\n <NMI>\n </NMI>\n <TASK>\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n spin_unlock_bh include/linux/spinlock.h:396 [inline]\n nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline]\n nsim_dev_trap_report_work+0x75d/0xaa0 drivers/net/netdevsim/dev.c:850\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n </TASK>", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50155", url: "https://www.suse.com/security/cve/CVE-2024-50155", }, { category: "external", summary: "SUSE Bug 1233035 for CVE-2024-50155", url: "https://bugzilla.suse.com/1233035", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50155", }, { cve: "CVE-2024-50156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50156", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Avoid NULL dereference in msm_disp_state_print_regs()\n\nIf the allocation in msm_disp_state_dump_regs() failed then\n`block->state` can be NULL. The msm_disp_state_print_regs() function\n_does_ have code to try to handle it with:\n\n if (*reg)\n dump_addr = *reg;\n\n...but since \"dump_addr\" is initialized to NULL the above is actually\na noop. The code then goes on to dereference `dump_addr`.\n\nMake the function print \"Registers not stored\" when it sees a NULL to\nsolve this. Since we're touching the code, fix\nmsm_disp_state_print_regs() not to pointlessly take a double-pointer\nand properly mark the pointer as `const`.\n\nPatchwork: https://patchwork.freedesktop.org/patch/619657/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50156", url: "https://www.suse.com/security/cve/CVE-2024-50156", }, { category: "external", summary: "SUSE Bug 1233073 for CVE-2024-50156", url: "https://bugzilla.suse.com/1233073", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50156", }, { cve: "CVE-2024-50157", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50157", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop\n\nDriver waits indefinitely for the fifo occupancy to go below a threshold\nas soon as the pacing interrupt is received. This can cause soft lockup on\none of the processors, if the rate of DB is very high.\n\nAdd a loop count for FPGA and exit the __wait_for_fifo_occupancy_below_th\nif the loop is taking more time. Pacing will be continuing until the\noccupancy is below the threshold. This is ensured by the checks in\nbnxt_re_pacing_timer_exp and further scheduling the work for pacing based\non the fifo occupancy.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50157", url: "https://www.suse.com/security/cve/CVE-2024-50157", }, { category: "external", summary: "SUSE Bug 1233032 for CVE-2024-50157", url: "https://bugzilla.suse.com/1233032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50157", }, { cve: "CVE-2024-50158", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50158", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix out of bound check\n\nDriver exports pacing stats only on GenP5 and P7 adapters. But while\nparsing the pacing stats, driver has a check for \"rdev->dbr_pacing\". This\ncaused a trace when KASAN is enabled.\n\nBUG: KASAN: slab-out-of-bounds in bnxt_re_get_hw_stats+0x2b6a/0x2e00 [bnxt_re]\nWrite of size 8 at addr ffff8885942a6340 by task modprobe/4809", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50158", url: "https://www.suse.com/security/cve/CVE-2024-50158", }, { category: "external", summary: "SUSE Bug 1233036 for CVE-2024-50158", url: "https://bugzilla.suse.com/1233036", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50158", }, { cve: "CVE-2024-50159", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50159", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()\n\nClang static checker(scan-build) throws below warning:\n | drivers/firmware/arm_scmi/driver.c:line 2915, column 2\n | Attempt to free released memory.\n\nWhen devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup()\nwill run twice which causes double free of 'dbg->name'.\n\nRemove the redundant scmi_debugfs_common_cleanup() to fix this problem.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50159", url: "https://www.suse.com/security/cve/CVE-2024-50159", }, { category: "external", summary: "SUSE Bug 1233041 for CVE-2024-50159", url: "https://bugzilla.suse.com/1233041", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50159", }, { cve: "CVE-2024-50160", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50160", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/cs8409: Fix possible NULL dereference\n\nIf snd_hda_gen_add_kctl fails to allocate memory and returns NULL, then\nNULL pointer dereference will occur in the next line.\n\nSince dolphin_fixups function is a hda_fixup function which is not supposed\nto return any errors, add simple check before dereference, ignore the fail.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50160", url: "https://www.suse.com/security/cve/CVE-2024-50160", }, { category: "external", summary: "SUSE Bug 1233074 for CVE-2024-50160", url: "https://bugzilla.suse.com/1233074", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50160", }, { cve: "CVE-2024-50161", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50161", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check the remaining info_cnt before repeating btf fields\n\nWhen trying to repeat the btf fields for array of nested struct, it\ndoesn't check the remaining info_cnt. The following splat will be\nreported when the value of ret * nelems is greater than BTF_FIELDS_MAX:\n\n ------------[ cut here ]------------\n UBSAN: array-index-out-of-bounds in ../kernel/bpf/btf.c:3951:49\n index 11 is out of range for type 'btf_field_info [11]'\n CPU: 6 UID: 0 PID: 411 Comm: test_progs ...... 6.11.0-rc4+ #1\n Tainted: [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ...\n Call Trace:\n <TASK>\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n ubsan_epilogue+0x9/0x40\n __ubsan_handle_out_of_bounds+0x6f/0x80\n ? kallsyms_lookup_name+0x48/0xb0\n btf_parse_fields+0x992/0xce0\n map_create+0x591/0x770\n __sys_bpf+0x229/0x2410\n __x64_sys_bpf+0x1f/0x30\n x64_sys_call+0x199/0x9f0\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x7fea56f2cc5d\n ......\n </TASK>\n ---[ end trace ]---\n\nFix it by checking the remaining info_cnt in btf_repeat_fields() before\nrepeating the btf fields.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50161", url: "https://www.suse.com/security/cve/CVE-2024-50161", }, { category: "external", summary: "SUSE Bug 1233037 for CVE-2024-50161", url: "https://bugzilla.suse.com/1233037", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50161", }, { cve: "CVE-2024-50162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50162", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: devmap: provide rxq after redirect\n\nrxq contains a pointer to the device from where\nthe redirect happened. Currently, the BPF program\nthat was executed after a redirect via BPF_MAP_TYPE_DEVMAP*\ndoes not have it set.\n\nThis is particularly bad since accessing ingress_ifindex, e.g.\n\nSEC(\"xdp\")\nint prog(struct xdp_md *pkt)\n{\n return bpf_redirect_map(&dev_redirect_map, 0, 0);\n}\n\nSEC(\"xdp/devmap\")\nint prog_after_redirect(struct xdp_md *pkt)\n{\n bpf_printk(\"ifindex %i\", pkt->ingress_ifindex);\n return XDP_PASS;\n}\n\ndepends on access to rxq, so a NULL pointer gets dereferenced:\n\n<1>[ 574.475170] BUG: kernel NULL pointer dereference, address: 0000000000000000\n<1>[ 574.475188] #PF: supervisor read access in kernel mode\n<1>[ 574.475194] #PF: error_code(0x0000) - not-present page\n<6>[ 574.475199] PGD 0 P4D 0\n<4>[ 574.475207] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n<4>[ 574.475217] CPU: 4 UID: 0 PID: 217 Comm: kworker/4:1 Not tainted 6.11.0-rc5-reduced-00859-g780801200300 #23\n<4>[ 574.475226] Hardware name: Intel(R) Client Systems NUC13ANHi7/NUC13ANBi7, BIOS ANRPL357.0026.2023.0314.1458 03/14/2023\n<4>[ 574.475231] Workqueue: mld mld_ifc_work\n<4>[ 574.475247] RIP: 0010:bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n<4>[ 574.475257] Code: cc cc cc cc cc cc cc 80 00 00 00 cc cc cc cc cc cc cc cc f3 0f 1e fa 0f 1f 44 00 00 66 90 55 48 89 e5 f3 0f 1e fa 48 8b 57 20 <48> 8b 52 00 8b 92 e0 00 00 00 48 bf f8 a6 d5 c4 5d a0 ff ff be 0b\n<4>[ 574.475263] RSP: 0018:ffffa62440280c98 EFLAGS: 00010206\n<4>[ 574.475269] RAX: ffffa62440280cd8 RBX: 0000000000000001 RCX: 0000000000000000\n<4>[ 574.475274] RDX: 0000000000000000 RSI: ffffa62440549048 RDI: ffffa62440280ce0\n<4>[ 574.475278] RBP: ffffa62440280c98 R08: 0000000000000002 R09: 0000000000000001\n<4>[ 574.475281] R10: ffffa05dc8b98000 R11: ffffa05f577fca40 R12: ffffa05dcab24000\n<4>[ 574.475285] R13: ffffa62440280ce0 R14: ffffa62440549048 R15: ffffa62440549000\n<4>[ 574.475289] FS: 0000000000000000(0000) GS:ffffa05f4f700000(0000) knlGS:0000000000000000\n<4>[ 574.475294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n<4>[ 574.475298] CR2: 0000000000000000 CR3: 000000025522e000 CR4: 0000000000f50ef0\n<4>[ 574.475303] PKRU: 55555554\n<4>[ 574.475306] Call Trace:\n<4>[ 574.475313] <IRQ>\n<4>[ 574.475318] ? __die+0x23/0x70\n<4>[ 574.475329] ? page_fault_oops+0x180/0x4c0\n<4>[ 574.475339] ? skb_pp_cow_data+0x34c/0x490\n<4>[ 574.475346] ? kmem_cache_free+0x257/0x280\n<4>[ 574.475357] ? exc_page_fault+0x67/0x150\n<4>[ 574.475368] ? asm_exc_page_fault+0x26/0x30\n<4>[ 574.475381] ? bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n<4>[ 574.475386] bq_xmit_all+0x158/0x420\n<4>[ 574.475397] __dev_flush+0x30/0x90\n<4>[ 574.475407] veth_poll+0x216/0x250 [veth]\n<4>[ 574.475421] __napi_poll+0x28/0x1c0\n<4>[ 574.475430] net_rx_action+0x32d/0x3a0\n<4>[ 574.475441] handle_softirqs+0xcb/0x2c0\n<4>[ 574.475451] do_softirq+0x40/0x60\n<4>[ 574.475458] </IRQ>\n<4>[ 574.475461] <TASK>\n<4>[ 574.475464] __local_bh_enable_ip+0x66/0x70\n<4>[ 574.475471] __dev_queue_xmit+0x268/0xe40\n<4>[ 574.475480] ? selinux_ip_postroute+0x213/0x420\n<4>[ 574.475491] ? alloc_skb_with_frags+0x4a/0x1d0\n<4>[ 574.475502] ip6_finish_output2+0x2be/0x640\n<4>[ 574.475512] ? nf_hook_slow+0x42/0xf0\n<4>[ 574.475521] ip6_finish_output+0x194/0x300\n<4>[ 574.475529] ? __pfx_ip6_finish_output+0x10/0x10\n<4>[ 574.475538] mld_sendpack+0x17c/0x240\n<4>[ 574.475548] mld_ifc_work+0x192/0x410\n<4>[ 574.475557] process_one_work+0x15d/0x380\n<4>[ 574.475566] worker_thread+0x29d/0x3a0\n<4>[ 574.475573] ? __pfx_worker_thread+0x10/0x10\n<4>[ 574.475580] ? __pfx_worker_thread+0x10/0x10\n<4>[ 574.475587] kthread+0xcd/0x100\n<4>[ 574.475597] ? __pfx_kthread+0x10/0x10\n<4>[ 574.475606] ret_from_fork+0x31/0x50\n<4>[ 574.475615] ? __pfx_kthread+0x10/0x10\n<4>[ 574.475623] ret_from_fork_asm+0x1a/0x\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50162", url: "https://www.suse.com/security/cve/CVE-2024-50162", }, { category: "external", summary: "SUSE Bug 1233075 for CVE-2024-50162", url: "https://bugzilla.suse.com/1233075", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50162", }, { cve: "CVE-2024-50163", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50163", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Make sure internal and UAPI bpf_redirect flags don't overlap\n\nThe bpf_redirect_info is shared between the SKB and XDP redirect paths,\nand the two paths use the same numeric flag values in the ri->flags\nfield (specifically, BPF_F_BROADCAST == BPF_F_NEXTHOP). This means that\nif skb bpf_redirect_neigh() is used with a non-NULL params argument and,\nsubsequently, an XDP redirect is performed using the same\nbpf_redirect_info struct, the XDP path will get confused and end up\ncrashing, which syzbot managed to trigger.\n\nWith the stack-allocated bpf_redirect_info, the structure is no longer\nshared between the SKB and XDP paths, so the crash doesn't happen\nanymore. However, different code paths using identically-numbered flag\nvalues in the same struct field still seems like a bit of a mess, so\nthis patch cleans that up by moving the flag definitions together and\nredefining the three flags in BPF_F_REDIRECT_INTERNAL to not overlap\nwith the flags used for XDP. It also adds a BUILD_BUG_ON() check to make\nsure the overlap is not re-introduced by mistake.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50163", url: "https://www.suse.com/security/cve/CVE-2024-50163", }, { category: "external", summary: "SUSE Bug 1233098 for CVE-2024-50163", url: "https://bugzilla.suse.com/1233098", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50163", }, { cve: "CVE-2024-50164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50164", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix overloading of MEM_UNINIT's meaning\n\nLonial reported an issue in the BPF verifier where check_mem_size_reg()\nhas the following code:\n\n if (!tnum_is_const(reg->var_off))\n /* For unprivileged variable accesses, disable raw\n * mode so that the program is required to\n * initialize all the memory that the helper could\n * just partially fill up.\n */\n meta = NULL;\n\nThis means that writes are not checked when the register containing the\nsize of the passed buffer has not a fixed size. Through this bug, a BPF\nprogram can write to a map which is marked as read-only, for example,\n.rodata global maps.\n\nThe problem is that MEM_UNINIT's initial meaning that \"the passed buffer\nto the BPF helper does not need to be initialized\" which was added back\nin commit 435faee1aae9 (\"bpf, verifier: add ARG_PTR_TO_RAW_STACK type\")\ngot overloaded over time with \"the passed buffer is being written to\".\n\nThe problem however is that checks such as the above which were added later\nvia 06c1c049721a (\"bpf: allow helpers access to variable memory\") set meta\nto NULL in order force the user to always initialize the passed buffer to\nthe helper. Due to the current double meaning of MEM_UNINIT, this bypasses\nverifier write checks to the memory (not boundary checks though) and only\nassumes the latter memory is read instead.\n\nFix this by reverting MEM_UNINIT back to its original meaning, and having\nMEM_WRITE as an annotation to BPF helpers in order to then trigger the\nBPF verifier checks for writing to memory.\n\nSome notes: check_arg_pair_ok() ensures that for ARG_CONST_SIZE{,_OR_ZERO}\nwe can access fn->arg_type[arg - 1] since it must contain a preceding\nARG_PTR_TO_MEM. For check_mem_reg() the meta argument can be removed\naltogether since we do check both BPF_READ and BPF_WRITE. Same for the\nequivalent check_kfunc_mem_size_reg().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50164", url: "https://www.suse.com/security/cve/CVE-2024-50164", }, { category: "external", summary: "SUSE Bug 1233099 for CVE-2024-50164", url: "https://bugzilla.suse.com/1233099", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50164", }, { cve: "CVE-2024-50165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50165", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Preserve param->string when parsing mount options\n\nIn bpf_parse_param(), keep the value of param->string intact so it can\nbe freed later. Otherwise, the kmalloc area pointed to by param->string\nwill be leaked as shown below:\n\nunreferenced object 0xffff888118c46d20 (size 8):\n comm \"new_name\", pid 12109, jiffies 4295580214\n hex dump (first 8 bytes):\n 61 6e 79 00 38 c9 5c 7e any.8.\\~\n backtrace (crc e1b7f876):\n [<00000000c6848ac7>] kmemleak_alloc+0x4b/0x80\n [<00000000de9f7d00>] __kmalloc_node_track_caller_noprof+0x36e/0x4a0\n [<000000003e29b886>] memdup_user+0x32/0xa0\n [<0000000007248326>] strndup_user+0x46/0x60\n [<0000000035b3dd29>] __x64_sys_fsconfig+0x368/0x3d0\n [<0000000018657927>] x64_sys_call+0xff/0x9f0\n [<00000000c0cabc95>] do_syscall_64+0x3b/0xc0\n [<000000002f331597>] entry_SYSCALL_64_after_hwframe+0x4b/0x53", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50165", url: "https://www.suse.com/security/cve/CVE-2024-50165", }, { category: "external", summary: "SUSE Bug 1233031 for CVE-2024-50165", url: "https://bugzilla.suse.com/1233031", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50165", }, { cve: "CVE-2024-50166", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50166", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfsl/fman: Fix refcount handling of fman-related devices\n\nIn mac_probe() there are multiple calls to of_find_device_by_node(),\nfman_bind() and fman_port_bind() which takes references to of_dev->dev.\nNot all references taken by these calls are released later on error path\nin mac_probe() and in mac_remove() which lead to reference leaks.\n\nAdd references release.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50166", url: "https://www.suse.com/security/cve/CVE-2024-50166", }, { category: "external", summary: "SUSE Bug 1233050 for CVE-2024-50166", url: "https://bugzilla.suse.com/1233050", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50166", }, { cve: "CVE-2024-50167", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50167", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: fix potential memory leak in be_xmit()\n\nThe be_xmit() returns NETDEV_TX_OK without freeing skb\nin case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50167", url: "https://www.suse.com/security/cve/CVE-2024-50167", }, { category: "external", summary: "SUSE Bug 1233049 for CVE-2024-50167", url: "https://bugzilla.suse.com/1233049", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50167", }, { cve: "CVE-2024-50168", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50168", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sun3_82586: fix potential memory leak in sun3_82586_send_packet()\n\nThe sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb\nin case of skb->len being too long, add dev_kfree_skb() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50168", url: "https://www.suse.com/security/cve/CVE-2024-50168", }, { category: "external", summary: "SUSE Bug 1233059 for CVE-2024-50168", url: "https://bugzilla.suse.com/1233059", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50168", }, { cve: "CVE-2024-50170", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50170", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bcmasp: fix potential memory leak in bcmasp_xmit()\n\nThe bcmasp_xmit() returns NETDEV_TX_OK without freeing skb\nin case of mapping fails, add dev_kfree_skb() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50170", url: "https://www.suse.com/security/cve/CVE-2024-50170", }, { category: "external", summary: "SUSE Bug 1233030 for CVE-2024-50170", url: "https://bugzilla.suse.com/1233030", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50170", }, { cve: "CVE-2024-50171", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50171", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: fix potential memory leak in bcm_sysport_xmit()\n\nThe bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb\nin case of dma_map_single() fails, add dev_kfree_skb() to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50171", url: "https://www.suse.com/security/cve/CVE-2024-50171", }, { category: "external", summary: "SUSE Bug 1233057 for CVE-2024-50171", url: "https://bugzilla.suse.com/1233057", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50171", }, { cve: "CVE-2024-50172", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50172", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix a possible memory leak\n\nIn bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails\ndriver is not freeing the memory allocated for \"rdev->chip_ctx\".", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50172", url: "https://www.suse.com/security/cve/CVE-2024-50172", }, { category: "external", summary: "SUSE Bug 1233029 for CVE-2024-50172", url: "https://bugzilla.suse.com/1233029", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50172", }, { cve: "CVE-2024-50173", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50173", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup()\n\nThe group variable can't be used to retrieve ptdev in our second loop,\nbecause it points to the previously iterated list_head, not a valid\ngroup. Get the ptdev object from the scheduler instead.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50173", url: "https://www.suse.com/security/cve/CVE-2024-50173", }, { category: "external", summary: "SUSE Bug 1233094 for CVE-2024-50173", url: "https://bugzilla.suse.com/1233094", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50173", }, { cve: "CVE-2024-50174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50174", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panthor: Fix race when converting group handle to group object\n\nXArray provides it's own internal lock which protects the internal array\nwhen entries are being simultaneously added and removed. However there\nis still a race between retrieving the pointer from the XArray and\nincrementing the reference count.\n\nTo avoid this race simply hold the internal XArray lock when\nincrementing the reference count, this ensures there cannot be a racing\ncall to xa_erase().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50174", url: "https://www.suse.com/security/cve/CVE-2024-50174", }, { category: "external", summary: "SUSE Bug 1233093 for CVE-2024-50174", url: "https://bugzilla.suse.com/1233093", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50174", }, { cve: "CVE-2024-50175", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50175", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: qcom: camss: Remove use_count guard in stop_streaming\n\nThe use_count check was introduced so that multiple concurrent Raw Data\nInterfaces RDIs could be driven by different virtual channels VCs on the\nCSIPHY input driving the video pipeline.\n\nThis is an invalid use of use_count though as use_count pertains to the\nnumber of times a video entity has been opened by user-space not the number\nof active streams.\n\nIf use_count and stream-on count don't agree then stop_streaming() will\nbreak as is currently the case and has become apparent when using CAMSS\nwith libcamera's released softisp 0.3.\n\nThe use of use_count like this is a bit hacky and right now breaks regular\nusage of CAMSS for a single stream case. Stopping qcam results in the splat\nbelow, and then it cannot be started again and any attempts to do so fails\nwith -EBUSY.\n\n[ 1265.509831] WARNING: CPU: 5 PID: 919 at drivers/media/common/videobuf2/videobuf2-core.c:2183 __vb2_queue_cancel+0x230/0x2c8 [videobuf2_common]\n...\n[ 1265.510630] Call trace:\n[ 1265.510636] __vb2_queue_cancel+0x230/0x2c8 [videobuf2_common]\n[ 1265.510648] vb2_core_streamoff+0x24/0xcc [videobuf2_common]\n[ 1265.510660] vb2_ioctl_streamoff+0x5c/0xa8 [videobuf2_v4l2]\n[ 1265.510673] v4l_streamoff+0x24/0x30 [videodev]\n[ 1265.510707] __video_do_ioctl+0x190/0x3f4 [videodev]\n[ 1265.510732] video_usercopy+0x304/0x8c4 [videodev]\n[ 1265.510757] video_ioctl2+0x18/0x34 [videodev]\n[ 1265.510782] v4l2_ioctl+0x40/0x60 [videodev]\n...\n[ 1265.510944] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 0 in active state\n[ 1265.511175] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 1 in active state\n[ 1265.511398] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 2 in active st\n\nOne CAMSS specific way to handle multiple VCs on the same RDI might be:\n\n- Reference count each pipeline enable for CSIPHY, CSID, VFE and RDIx.\n- The video buffers are already associated with msm_vfeN_rdiX so\n release video buffers when told to do so by stop_streaming.\n- Only release the power-domains for the CSIPHY, CSID and VFE when\n their internal refcounts drop.\n\nEither way refusing to release video buffers based on use_count is\nerroneous and should be reverted. The silicon enabling code for selecting\nVCs is perfectly fine. Its a \"known missing feature\" that concurrent VCs\nwon't work with CAMSS right now.\n\nInitial testing with this code didn't show an error but, SoftISP and \"real\"\nusage with Google Hangouts breaks the upstream code pretty quickly, we need\nto do a partial revert and take another pass at VCs.\n\nThis commit partially reverts commit 89013969e232 (\"media: camss: sm8250:\nPipeline starting and stopping for multiple virtual channels\")", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50175", url: "https://www.suse.com/security/cve/CVE-2024-50175", }, { category: "external", summary: "SUSE Bug 1233092 for CVE-2024-50175", url: "https://bugzilla.suse.com/1233092", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50175", }, { cve: "CVE-2024-50176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50176", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: k3-r5: Fix error handling when power-up failed\n\nBy simply bailing out, the driver was violating its rule and internal\nassumptions that either both or no rproc should be initialized. E.g.,\nthis could cause the first core to be available but not the second one,\nleading to crashes on its shutdown later on while trying to dereference\nthat second instance.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50176", url: "https://www.suse.com/security/cve/CVE-2024-50176", }, { category: "external", summary: "SUSE Bug 1233091 for CVE-2024-50176", url: "https://bugzilla.suse.com/1233091", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50176", }, { cve: "CVE-2024-50177", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50177", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a UBSAN warning in DML2.1\n\nWhen programming phantom pipe, since cursor_width is explicity set to 0,\nthis causes calculation logic to trigger overflow for an unsigned int\ntriggering the kernel's UBSAN check as below:\n\n[ 40.962845] UBSAN: shift-out-of-bounds in /tmp/amd.EfpumTkO/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:3312:34\n[ 40.962849] shift exponent 4294967170 is too large for 32-bit type 'unsigned int'\n[ 40.962852] CPU: 1 PID: 1670 Comm: gnome-shell Tainted: G W OE 6.5.0-41-generic #41~22.04.2-Ubuntu\n[ 40.962854] Hardware name: Gigabyte Technology Co., Ltd. X670E AORUS PRO X/X670E AORUS PRO X, BIOS F21 01/10/2024\n[ 40.962856] Call Trace:\n[ 40.962857] <TASK>\n[ 40.962860] dump_stack_lvl+0x48/0x70\n[ 40.962870] dump_stack+0x10/0x20\n[ 40.962872] __ubsan_handle_shift_out_of_bounds+0x1ac/0x360\n[ 40.962878] calculate_cursor_req_attributes.cold+0x1b/0x28 [amdgpu]\n[ 40.963099] dml_core_mode_support+0x6b91/0x16bc0 [amdgpu]\n[ 40.963327] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.963331] ? CalculateWatermarksMALLUseAndDRAMSpeedChangeSupport+0x18b8/0x2790 [amdgpu]\n[ 40.963534] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.963536] ? dml_core_mode_support+0xb3db/0x16bc0 [amdgpu]\n[ 40.963730] dml2_core_calcs_mode_support_ex+0x2c/0x90 [amdgpu]\n[ 40.963906] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.963909] ? dml2_core_calcs_mode_support_ex+0x2c/0x90 [amdgpu]\n[ 40.964078] core_dcn4_mode_support+0x72/0xbf0 [amdgpu]\n[ 40.964247] dml2_top_optimization_perform_optimization_phase+0x1d3/0x2a0 [amdgpu]\n[ 40.964420] dml2_build_mode_programming+0x23d/0x750 [amdgpu]\n[ 40.964587] dml21_validate+0x274/0x770 [amdgpu]\n[ 40.964761] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.964763] ? resource_append_dpp_pipes_for_plane_composition+0x27c/0x3b0 [amdgpu]\n[ 40.964942] dml2_validate+0x504/0x750 [amdgpu]\n[ 40.965117] ? dml21_copy+0x95/0xb0 [amdgpu]\n[ 40.965291] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.965295] dcn401_validate_bandwidth+0x4e/0x70 [amdgpu]\n[ 40.965491] update_planes_and_stream_state+0x38d/0x5c0 [amdgpu]\n[ 40.965672] update_planes_and_stream_v3+0x52/0x1e0 [amdgpu]\n[ 40.965845] ? srso_alias_return_thunk+0x5/0x7f\n[ 40.965849] dc_update_planes_and_stream+0x71/0xb0 [amdgpu]\n\nFix this by adding a guard for checking cursor width before triggering\nthe size calculation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50177", url: "https://www.suse.com/security/cve/CVE-2024-50177", }, { category: "external", summary: "SUSE Bug 1233115 for CVE-2024-50177", url: "https://bugzilla.suse.com/1233115", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50177", }, { cve: "CVE-2024-50178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50178", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: loongson3: Use raw_smp_processor_id() in do_service_request()\n\nUse raw_smp_processor_id() instead of plain smp_processor_id() in\ndo_service_request(), otherwise we may get some errors with the driver\nenabled:\n\n BUG: using smp_processor_id() in preemptible [00000000] code: (udev-worker)/208\n caller is loongson3_cpufreq_probe+0x5c/0x250 [loongson3_cpufreq]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50178", url: "https://www.suse.com/security/cve/CVE-2024-50178", }, { category: "external", summary: "SUSE Bug 1233121 for CVE-2024-50178", url: "https://bugzilla.suse.com/1233121", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50178", }, { cve: "CVE-2024-50179", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50179", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: remove the incorrect Fw reference check when dirtying pages\n\nWhen doing the direct-io reads it will also try to mark pages dirty,\nbut for the read path it won't hold the Fw caps and there is case\nwill it get the Fw reference.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50179", url: "https://www.suse.com/security/cve/CVE-2024-50179", }, { category: "external", summary: "SUSE Bug 1233123 for CVE-2024-50179", url: "https://bugzilla.suse.com/1233123", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50179", }, { cve: "CVE-2024-50180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50180", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: sisfb: Fix strbuf array overflow\n\nThe values of the variables xres and yres are placed in strbuf.\nThese variables are obtained from strbuf1.\nThe strbuf1 array contains digit characters\nand a space if the array contains non-digit characters.\nThen, when executing sprintf(strbuf, \"%ux%ux8\", xres, yres);\nmore than 16 bytes will be written to strbuf.\nIt is suggested to increase the size of the strbuf array to 24.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50180", url: "https://www.suse.com/security/cve/CVE-2024-50180", }, { category: "external", summary: "SUSE Bug 1233125 for CVE-2024-50180", url: "https://bugzilla.suse.com/1233125", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50180", }, { cve: "CVE-2024-50181", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50181", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50181", url: "https://www.suse.com/security/cve/CVE-2024-50181", }, { category: "external", summary: "SUSE Bug 1233127 for CVE-2024-50181", url: "https://bugzilla.suse.com/1233127", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50181", }, { cve: "CVE-2024-50182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50182", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsecretmem: disable memfd_secret() if arch cannot set direct map\n\nReturn -ENOSYS from memfd_secret() syscall if !can_set_direct_map(). This\nis the case for example on some arm64 configurations, where marking 4k\nPTEs in the direct map not present can only be done if the direct map is\nset up at 4k granularity in the first place (as ARM's break-before-make\nsemantics do not easily allow breaking apart large/gigantic pages).\n\nMore precisely, on arm64 systems with !can_set_direct_map(),\nset_direct_map_invalid_noflush() is a no-op, however it returns success\n(0) instead of an error. This means that memfd_secret will seemingly\n\"work\" (e.g. syscall succeeds, you can mmap the fd and fault in pages),\nbut it does not actually achieve its goal of removing its memory from the\ndirect map.\n\nNote that with this patch, memfd_secret() will start erroring on systems\nwhere can_set_direct_map() returns false (arm64 with\nCONFIG_RODATA_FULL_DEFAULT_ENABLED=n, CONFIG_DEBUG_PAGEALLOC=n and\nCONFIG_KFENCE=n), but that still seems better than the current silent\nfailure. Since CONFIG_RODATA_FULL_DEFAULT_ENABLED defaults to 'y', most\narm64 systems actually have a working memfd_secret() and aren't be\naffected.\n\nFrom going through the iterations of the original memfd_secret patch\nseries, it seems that disabling the syscall in these scenarios was the\nintended behavior [1] (preferred over having\nset_direct_map_invalid_noflush return an error as that would result in\nSIGBUSes at page-fault time), however the check for it got dropped between\nv16 [2] and v17 [3], when secretmem moved away from CMA allocations.\n\n[1]: https://lore.kernel.org/lkml/20201124164930.GK8537@kernel.org/\n[2]: https://lore.kernel.org/lkml/20210121122723.3446-11-rppt@kernel.org/#t\n[3]: https://lore.kernel.org/lkml/20201125092208.12544-10-rppt@kernel.org/", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50182", url: "https://www.suse.com/security/cve/CVE-2024-50182", }, { category: "external", summary: "SUSE Bug 1233129 for CVE-2024-50182", url: "https://bugzilla.suse.com/1233129", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50182", }, { cve: "CVE-2024-50183", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50183", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance\n\nDeleting an NPIV instance requires all fabric ndlps to be released before\nan NPIV's resources can be torn down. Failure to release fabric ndlps\nbeforehand opens kref imbalance race conditions. Fix by forcing the DA_ID\nto complete synchronously with usage of wait_queue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50183", url: "https://www.suse.com/security/cve/CVE-2024-50183", }, { category: "external", summary: "SUSE Bug 1233130 for CVE-2024-50183", url: "https://bugzilla.suse.com/1233130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50183", }, { cve: "CVE-2024-50184", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50184", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_pmem: Check device status before requesting flush\n\nIf a pmem device is in a bad status, the driver side could wait for\nhost ack forever in virtio_pmem_flush(), causing the system to hang.\n\nSo add a status check in the beginning of virtio_pmem_flush() to return\nearly if the device is not activated.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50184", url: "https://www.suse.com/security/cve/CVE-2024-50184", }, { category: "external", summary: "SUSE Bug 1233135 for CVE-2024-50184", url: "https://bugzilla.suse.com/1233135", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50184", }, { cve: "CVE-2024-50185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50185", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle consistently DSS corruption\n\nBugged peer implementation can send corrupted DSS options, consistently\nhitting a few warning in the data path. Use DEBUG_NET assertions, to\navoid the splat on some builds and handle consistently the error, dumping\nrelated MIBs and performing fallback and/or reset according to the\nsubflow type.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50185", url: "https://www.suse.com/security/cve/CVE-2024-50185", }, { category: "external", summary: "SUSE Bug 1233109 for CVE-2024-50185", url: "https://bugzilla.suse.com/1233109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50185", }, { cve: "CVE-2024-50186", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50186", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: explicitly clear the sk pointer, when pf->create fails\n\nWe have recently noticed the exact same KASAN splat as in commit\n6cd4a78d962b (\"net: do not leave a dangling sk pointer, when socket\ncreation fails\"). The problem is that commit did not fully address the\nproblem, as some pf->create implementations do not use sk_common_release\nin their error paths.\n\nFor example, we can use the same reproducer as in the above commit, but\nchanging ping to arping. arping uses AF_PACKET socket and if packet_create\nfails, it will just sk_free the allocated sk object.\n\nWhile we could chase all the pf->create implementations and make sure they\nNULL the freed sk object on error from the socket, we can't guarantee\nfuture protocols will not make the same mistake.\n\nSo it is easier to just explicitly NULL the sk pointer upon return from\npf->create in __sock_create. We do know that pf->create always releases the\nallocated sk object on error, so if the pointer is not NULL, it is\ndefinitely dangling.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50186", url: "https://www.suse.com/security/cve/CVE-2024-50186", }, { category: "external", summary: "SUSE Bug 1233110 for CVE-2024-50186", url: "https://bugzilla.suse.com/1233110", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50186", }, { cve: "CVE-2024-50187", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50187", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: Stop the active perfmon before being destroyed\n\nUpon closing the file descriptor, the active performance monitor is not\nstopped. Although all perfmons are destroyed in `vc4_perfmon_close_file()`,\nthe active performance monitor's pointer (`vc4->active_perfmon`) is still\nretained.\n\nIf we open a new file descriptor and submit a few jobs with performance\nmonitors, the driver will attempt to stop the active performance monitor\nusing the stale pointer in `vc4->active_perfmon`. However, this pointer\nis no longer valid because the previous process has already terminated,\nand all performance monitors associated with it have been destroyed and\nfreed.\n\nTo fix this, when the active performance monitor belongs to a given\nprocess, explicitly stop it before destroying and freeing it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50187", url: "https://www.suse.com/security/cve/CVE-2024-50187", }, { category: "external", summary: "SUSE Bug 1233108 for CVE-2024-50187", url: "https://bugzilla.suse.com/1233108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50187", }, { cve: "CVE-2024-50188", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50188", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: dp83869: fix memory corruption when enabling fiber\n\nWhen configuring the fiber port, the DP83869 PHY driver incorrectly\ncalls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit\nnumber (10). This corrupts some other memory location -- in case of\narm64 the priv pointer in the same structure.\n\nSince the advertising flags are updated from supported at the end of the\nfunction the incorrect line isn't needed at all and can be removed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50188", url: "https://www.suse.com/security/cve/CVE-2024-50188", }, { category: "external", summary: "SUSE Bug 1233107 for CVE-2024-50188", url: "https://bugzilla.suse.com/1233107", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50188", }, { cve: "CVE-2024-50189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50189", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: Switch to device-managed dmam_alloc_coherent()\n\nUsing the device-managed version allows to simplify clean-up in probe()\nerror path.\n\nAdditionally, this device-managed ensures proper cleanup, which helps to\nresolve memory errors, page faults, btrfs going read-only, and btrfs\ndisk corruption.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50189", url: "https://www.suse.com/security/cve/CVE-2024-50189", }, { category: "external", summary: "SUSE Bug 1233105 for CVE-2024-50189", url: "https://bugzilla.suse.com/1233105", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50189", }, { cve: "CVE-2024-50190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50190", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memleak in ice_init_tx_topology()\n\nFix leak of the FW blob (DDP pkg).\n\nMake ice_cfg_tx_topo() const-correct, so ice_init_tx_topology() can avoid\ncopying whole FW blob. Copy just the topology section, and only when\nneeded. Reuse the buffer allocated for the read of the current topology.\n\nThis was found by kmemleak, with the following trace for each PF:\n [<ffffffff8761044d>] kmemdup_noprof+0x1d/0x50\n [<ffffffffc0a0a480>] ice_init_ddp_config+0x100/0x220 [ice]\n [<ffffffffc0a0da7f>] ice_init_dev+0x6f/0x200 [ice]\n [<ffffffffc0a0dc49>] ice_init+0x29/0x560 [ice]\n [<ffffffffc0a10c1d>] ice_probe+0x21d/0x310 [ice]\n\nConstify ice_cfg_tx_topo() @buf parameter.\nThis cascades further down to few more functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50190", url: "https://www.suse.com/security/cve/CVE-2024-50190", }, { category: "external", summary: "SUSE Bug 1233090 for CVE-2024-50190", url: "https://bugzilla.suse.com/1233090", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50190", }, { cve: "CVE-2024-50191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50191", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don't set SB_RDONLY after filesystem errors\n\nWhen the filesystem is mounted with errors=remount-ro, we were setting\nSB_RDONLY flag to stop all filesystem modifications. We knew this misses\nproper locking (sb->s_umount) and does not go through proper filesystem\nremount procedure but it has been the way this worked since early ext2\ndays and it was good enough for catastrophic situation damage\nmitigation. Recently, syzbot has found a way (see link) to trigger\nwarnings in filesystem freezing because the code got confused by\nSB_RDONLY changing under its hands. Since these days we set\nEXT4_FLAGS_SHUTDOWN on the superblock which is enough to stop all\nfilesystem modifications, modifying SB_RDONLY shouldn't be needed. So\nstop doing that.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50191", url: "https://www.suse.com/security/cve/CVE-2024-50191", }, { category: "external", summary: "SUSE Bug 1233101 for CVE-2024-50191", url: "https://bugzilla.suse.com/1233101", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50191", }, { cve: "CVE-2024-50192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50192", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v4: Don't allow a VMOVP on a dying VPE\n\nKunkun Jiang reported that there is a small window of opportunity for\nuserspace to force a change of affinity for a VPE while the VPE has already\nbeen unmapped, but the corresponding doorbell interrupt still visible in\n/proc/irq/.\n\nPlug the race by checking the value of vmapp_count, which tracks whether\nthe VPE is mapped ot not, and returning an error in this case.\n\nThis involves making vmapp_count common to both GICv4.1 and its v4.0\nancestor.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50192", url: "https://www.suse.com/security/cve/CVE-2024-50192", }, { category: "external", summary: "SUSE Bug 1233106 for CVE-2024-50192", url: "https://bugzilla.suse.com/1233106", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50192", }, { cve: "CVE-2024-50193", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50193", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/entry_32: Clear CPU buffers after register restore in NMI return\n\nCPU buffers are currently cleared after call to exc_nmi, but before\nregister state is restored. This may be okay for MDS mitigation but not for\nRDFS. Because RDFS mitigation requires CPU buffers to be cleared when\nregisters don't have any sensitive data.\n\nMove CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50193", url: "https://www.suse.com/security/cve/CVE-2024-50193", }, { category: "external", summary: "SUSE Bug 1233102 for CVE-2024-50193", url: "https://bugzilla.suse.com/1233102", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50193", }, { cve: "CVE-2024-50194", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50194", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Fix uprobes for big-endian kernels\n\nThe arm64 uprobes code is broken for big-endian kernels as it doesn't\nconvert the in-memory instruction encoding (which is always\nlittle-endian) into the kernel's native endianness before analyzing and\nsimulating instructions. This may result in a few distinct problems:\n\n* The kernel may may erroneously reject probing an instruction which can\n safely be probed.\n\n* The kernel may erroneously erroneously permit stepping an\n instruction out-of-line when that instruction cannot be stepped\n out-of-line safely.\n\n* The kernel may erroneously simulate instruction incorrectly dur to\n interpretting the byte-swapped encoding.\n\nThe endianness mismatch isn't caught by the compiler or sparse because:\n\n* The arch_uprobe::{insn,ixol} fields are encoded as arrays of u8, so\n the compiler and sparse have no idea these contain a little-endian\n 32-bit value. The core uprobes code populates these with a memcpy()\n which similarly does not handle endianness.\n\n* While the uprobe_opcode_t type is an alias for __le32, both\n arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() cast from u8[]\n to the similarly-named probe_opcode_t, which is an alias for u32.\n Hence there is no endianness conversion warning.\n\nFix this by changing the arch_uprobe::{insn,ixol} fields to __le32 and\nadding the appropriate __le32_to_cpu() conversions prior to consuming\nthe instruction encoding. The core uprobes copies these fields as opaque\nranges of bytes, and so is unaffected by this change.\n\nAt the same time, remove MAX_UINSN_BYTES and consistently use\nAARCH64_INSN_SIZE for clarity.\n\nTested with the following:\n\n| #include <stdio.h>\n| #include <stdbool.h>\n|\n| #define noinline __attribute__((noinline))\n|\n| static noinline void *adrp_self(void)\n| {\n| void *addr;\n|\n| asm volatile(\n| \" adrp %x0, adrp_self\\n\"\n| \" add %x0, %x0, :lo12:adrp_self\\n\"\n| : \"=r\" (addr));\n| }\n|\n|\n| int main(int argc, char *argv)\n| {\n| void *ptr = adrp_self();\n| bool equal = (ptr == adrp_self);\n|\n| printf(\"adrp_self => %p\\n\"\n| \"adrp_self() => %p\\n\"\n| \"%s\\n\",\n| adrp_self, ptr, equal ? \"EQUAL\" : \"NOT EQUAL\");\n|\n| return 0;\n| }\n\n.... where the adrp_self() function was compiled to:\n\n| 00000000004007e0 <adrp_self>:\n| 4007e0: 90000000 adrp x0, 400000 <__ehdr_start>\n| 4007e4: 911f8000 add x0, x0, #0x7e0\n| 4007e8: d65f03c0 ret\n\nBefore this patch, the ADRP is not recognized, and is assumed to be\nsteppable, resulting in corruption of the result:\n\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0x4007e0\n| EQUAL\n| # echo 'p /root/adrp-self:0x007e0' > /sys/kernel/tracing/uprobe_events\n| # echo 1 > /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0xffffffffff7e0\n| NOT EQUAL\n\nAfter this patch, the ADRP is correctly recognized and simulated:\n\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0x4007e0\n| EQUAL\n| #\n| # echo 'p /root/adrp-self:0x007e0' > /sys/kernel/tracing/uprobe_events\n| # echo 1 > /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self => 0x4007e0\n| adrp_self() => 0x4007e0\n| EQUAL", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50194", url: "https://www.suse.com/security/cve/CVE-2024-50194", }, { category: "external", summary: "SUSE Bug 1233111 for CVE-2024-50194", url: "https://bugzilla.suse.com/1233111", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50194", }, { cve: "CVE-2024-50195", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50195", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: Fix missing timespec64 check in pc_clock_settime()\n\nAs Andrew pointed out, it will make sense that the PTP core\nchecked timespec64 struct's tv_sec and tv_nsec range before calling\nptp->info->settime64().\n\nAs the man manual of clock_settime() said, if tp.tv_sec is negative or\ntp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL,\nwhich include dynamic clocks which handles PTP clock, and the condition is\nconsistent with timespec64_valid(). As Thomas suggested, timespec64_valid()\nonly check the timespec is valid, but not ensure that the time is\nin a valid range, so check it ahead using timespec64_valid_strict()\nin pc_clock_settime() and return -EINVAL if not valid.\n\nThere are some drivers that use tp->tv_sec and tp->tv_nsec directly to\nwrite registers without validity checks and assume that the higher layer\nhas checked it, which is dangerous and will benefit from this, such as\nhclge_ptp_settime(), igb_ptp_settime_i210(), _rcar_gen4_ptp_settime(),\nand some drivers can remove the checks of itself.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50195", url: "https://www.suse.com/security/cve/CVE-2024-50195", }, { category: "external", summary: "SUSE Bug 1233103 for CVE-2024-50195", url: "https://bugzilla.suse.com/1233103", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50195", }, { cve: "CVE-2024-50196", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50196", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: ocelot: fix system hang on level based interrupts\n\nThe current implementation only calls chained_irq_enter() and\nchained_irq_exit() if it detects pending interrupts.\n\n```\nfor (i = 0; i < info->stride; i++) {\n\turegmap_read(info->map, id_reg + 4 * i, ®);\n\tif (!reg)\n\t\tcontinue;\n\n\tchained_irq_enter(parent_chip, desc);\n```\n\nHowever, in case of GPIO pin configured in level mode and the parent\ncontroller configured in edge mode, GPIO interrupt might be lowered by the\nhardware. In the result, if the interrupt is short enough, the parent\ninterrupt is still pending while the GPIO interrupt is cleared;\nchained_irq_enter() never gets called and the system hangs trying to\nservice the parent interrupt.\n\nMoving chained_irq_enter() and chained_irq_exit() outside the for loop\nensures that they are called even when GPIO interrupt is lowered by the\nhardware.\n\nThe similar code with chained_irq_enter() / chained_irq_exit() functions\nwrapping interrupt checking loop may be found in many other drivers:\n```\ngrep -r -A 10 chained_irq_enter drivers/pinctrl\n```", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50196", url: "https://www.suse.com/security/cve/CVE-2024-50196", }, { category: "external", summary: "SUSE Bug 1233113 for CVE-2024-50196", url: "https://bugzilla.suse.com/1233113", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50196", }, { cve: "CVE-2024-50197", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50197", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: intel: platform: fix error path in device_for_each_child_node()\n\nThe device_for_each_child_node() loop requires calls to\nfwnode_handle_put() upon early returns to decrement the refcount of\nthe child node and avoid leaking memory if that error path is triggered.\n\nThere is one early returns within that loop in\nintel_platform_pinctrl_prepare_community(), but fwnode_handle_put() is\nmissing.\n\nInstead of adding the missing call, the scoped version of the loop can\nbe used to simplify the code and avoid mistakes in the future if new\nearly returns are added, as the child node is only used for parsing, and\nit is never assigned.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50197", url: "https://www.suse.com/security/cve/CVE-2024-50197", }, { category: "external", summary: "SUSE Bug 1233089 for CVE-2024-50197", url: "https://bugzilla.suse.com/1233089", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50197", }, { cve: "CVE-2024-50198", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50198", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niio: light: veml6030: fix IIO device retrieval from embedded device\n\nThe dev pointer that is received as an argument in the\nin_illuminance_period_available_show function references the device\nembedded in the IIO device, not in the i2c client.\n\ndev_to_iio_dev() must be used to accessthe right data. The current\nimplementation leads to a segmentation fault on every attempt to read\nthe attribute because indio_dev gets a NULL assignment.\n\nThis bug has been present since the first appearance of the driver,\napparently since the last version (V6) before getting applied. A\nconstant attribute was used until then, and the last modifications might\nhave not been tested again.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50198", url: "https://www.suse.com/security/cve/CVE-2024-50198", }, { category: "external", summary: "SUSE Bug 1233100 for CVE-2024-50198", url: "https://bugzilla.suse.com/1233100", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50198", }, { cve: "CVE-2024-50199", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50199", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/swapfile: skip HugeTLB pages for unuse_vma\n\nI got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The\nproblem can be reproduced by the following steps:\n\n 1. Allocate an anonymous 1GB HugeTLB and some other anonymous memory.\n 2. Swapout the above anonymous memory.\n 3. run swapoff and we will get a bad pud error in kernel message:\n\n mm/pgtable-generic.c:42: bad pud 00000000743d215d(84000001400000e7)\n\nWe can tell that pud_clear_bad is called by pud_none_or_clear_bad in\nunuse_pud_range() by ftrace. And therefore the HugeTLB pages will never\nbe freed because we lost it from page table. We can skip HugeTLB pages\nfor unuse_vma to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50199", url: "https://www.suse.com/security/cve/CVE-2024-50199", }, { category: "external", summary: "SUSE Bug 1233112 for CVE-2024-50199", url: "https://bugzilla.suse.com/1233112", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50199", }, { cve: "CVE-2024-50200", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50200", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmaple_tree: correct tree corruption on spanning store\n\nPatch series \"maple_tree: correct tree corruption on spanning store\", v3.\n\nThere has been a nasty yet subtle maple tree corruption bug that appears\nto have been in existence since the inception of the algorithm.\n\nThis bug seems far more likely to happen since commit f8d112a4e657\n(\"mm/mmap: avoid zeroing vma tree in mmap_region()\"), which is the point\nat which reports started to be submitted concerning this bug.\n\nWe were made definitely aware of the bug thanks to the kind efforts of\nBert Karwatzki who helped enormously in my being able to track this down\nand identify the cause of it.\n\nThe bug arises when an attempt is made to perform a spanning store across\ntwo leaf nodes, where the right leaf node is the rightmost child of the\nshared parent, AND the store completely consumes the right-mode node.\n\nThis results in mas_wr_spanning_store() mitakenly duplicating the new and\nexisting entries at the maximum pivot within the range, and thus maple\ntree corruption.\n\nThe fix patch corrects this by detecting this scenario and disallowing the\nmistaken duplicate copy.\n\nThe fix patch commit message goes into great detail as to how this occurs.\n\nThis series also includes a test which reliably reproduces the issue, and\nasserts that the fix works correctly.\n\nBert has kindly tested the fix and confirmed it resolved his issues. Also\nMikhail Gavrilov kindly reported what appears to be precisely the same\nbug, which this fix should also resolve.\n\n\nThis patch (of 2):\n\nThere has been a subtle bug present in the maple tree implementation from\nits inception.\n\nThis arises from how stores are performed - when a store occurs, it will\noverwrite overlapping ranges and adjust the tree as necessary to\naccommodate this.\n\nA range may always ultimately span two leaf nodes. In this instance we\nwalk the two leaf nodes, determine which elements are not overwritten to\nthe left and to the right of the start and end of the ranges respectively\nand then rebalance the tree to contain these entries and the newly\ninserted one.\n\nThis kind of store is dubbed a 'spanning store' and is implemented by\nmas_wr_spanning_store().\n\nIn order to reach this stage, mas_store_gfp() invokes\nmas_wr_preallocate(), mas_wr_store_type() and mas_wr_walk() in turn to\nwalk the tree and update the object (mas) to traverse to the location\nwhere the write should be performed, determining its store type.\n\nWhen a spanning store is required, this function returns false stopping at\nthe parent node which contains the target range, and mas_wr_store_type()\nmarks the mas->store_type as wr_spanning_store to denote this fact.\n\nWhen we go to perform the store in mas_wr_spanning_store(), we first\ndetermine the elements AFTER the END of the range we wish to store (that\nis, to the right of the entry to be inserted) - we do this by walking to\nthe NEXT pivot in the tree (i.e. r_mas.last + 1), starting at the node we\nhave just determined contains the range over which we intend to write.\n\nWe then turn our attention to the entries to the left of the entry we are\ninserting, whose state is represented by l_mas, and copy these into a 'big\nnode', which is a special node which contains enough slots to contain two\nleaf node's worth of data.\n\nWe then copy the entry we wish to store immediately after this - the copy\nand the insertion of the new entry is performed by mas_store_b_node().\n\nAfter this we copy the elements to the right of the end of the range which\nwe are inserting, if we have not exceeded the length of the node (i.e. \nr_mas.offset <= r_mas.end).\n\nHerein lies the bug - under very specific circumstances, this logic can\nbreak and corrupt the maple tree.\n\nConsider the following tree:\n\nHeight\n 0 Root Node\n / \\\n pivot = 0xffff / \\ pivot = ULONG_MAX\n / \n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50200", url: "https://www.suse.com/security/cve/CVE-2024-50200", }, { category: "external", summary: "SUSE Bug 1233088 for CVE-2024-50200", url: "https://bugzilla.suse.com/1233088", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50200", }, { cve: "CVE-2024-50201", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50201", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: Fix encoder->possible_clones\n\nInclude the encoder itself in its possible_clones bitmask.\nIn the past nothing validated that drivers were populating\npossible_clones correctly, but that changed in commit\n74d2aacbe840 (\"drm: Validate encoder->possible_clones\").\nLooks like radeon never got the memo and is still not\nfollowing the rules 100% correctly.\n\nThis results in some warnings during driver initialization:\nBogus possible_clones: [ENCODER:46:TV-46] possible_clones=0x4 (full encoder mask=0x7)\nWARNING: CPU: 0 PID: 170 at drivers/gpu/drm/drm_mode_config.c:615 drm_mode_config_validate+0x113/0x39c\n...\n\n(cherry picked from commit 3b6e7d40649c0d75572039aff9d0911864c689db)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50201", url: "https://www.suse.com/security/cve/CVE-2024-50201", }, { category: "external", summary: "SUSE Bug 1233104 for CVE-2024-50201", url: "https://bugzilla.suse.com/1233104", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50201", }, { cve: "CVE-2024-50205", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50205", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()\n\nThe step variable is initialized to zero. It is changed in the loop,\nbut if it's not changed it will remain zero. Add a variable check\nbefore the division.\n\nThe observed behavior was introduced by commit 826b5de90c0b\n(\"ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size\"),\nand it is difficult to show that any of the interval parameters will\nsatisfy the snd_interval_test() condition with data from the\namdtp_rate_table[] table.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50205", url: "https://www.suse.com/security/cve/CVE-2024-50205", }, { category: "external", summary: "SUSE Bug 1233293 for CVE-2024-50205", url: "https://bugzilla.suse.com/1233293", }, { category: "external", summary: "SUSE Bug 1233294 for CVE-2024-50205", url: "https://bugzilla.suse.com/1233294", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50205", }, { cve: "CVE-2024-50206", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50206", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: fix memory corruption during fq dma init\n\nThe loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers must\nonly touch as many descriptors, otherwise it ends up corrupting unrelated\nmemory. Fix the loop iteration count accordingly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50206", url: "https://www.suse.com/security/cve/CVE-2024-50206", }, { category: "external", summary: "SUSE Bug 1233288 for CVE-2024-50206", url: "https://bugzilla.suse.com/1233288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50206", }, { cve: "CVE-2024-50207", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50207", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix reader locking when changing the sub buffer order\n\nThe function ring_buffer_subbuf_order_set() updates each\nring_buffer_per_cpu and installs new sub buffers that match the requested\npage order. This operation may be invoked concurrently with readers that\nrely on some of the modified data, such as the head bit (RB_PAGE_HEAD), or\nthe ring_buffer_per_cpu.pages and reader_page pointers. However, no\nexclusive access is acquired by ring_buffer_subbuf_order_set(). Modifying\nthe mentioned data while a reader also operates on them can then result in\nincorrect memory access and various crashes.\n\nFix the problem by taking the reader_lock when updating a specific\nring_buffer_per_cpu in ring_buffer_subbuf_order_set().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50207", url: "https://www.suse.com/security/cve/CVE-2024-50207", }, { category: "external", summary: "SUSE Bug 1233122 for CVE-2024-50207", url: "https://bugzilla.suse.com/1233122", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50207", }, { cve: "CVE-2024-50208", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50208", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages\n\nAvoid memory corruption while setting up Level-2 PBL pages for the non MR\nresources when num_pages > 256K.\n\nThere will be a single PDE page address (contiguous pages in the case of >\nPAGE_SIZE), but, current logic assumes multiple pages, leading to invalid\nmemory access after 256K PBL entries in the PDE.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50208", url: "https://www.suse.com/security/cve/CVE-2024-50208", }, { category: "external", summary: "SUSE Bug 1233117 for CVE-2024-50208", url: "https://bugzilla.suse.com/1233117", }, { category: "external", summary: "SUSE Bug 1233118 for CVE-2024-50208", url: "https://bugzilla.suse.com/1233118", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50208", }, { cve: "CVE-2024-50209", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50209", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Add a check for memory allocation\n\n__alloc_pbl() can return error when memory allocation fails.\nDriver is not checking the status on one of the instances.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50209", url: "https://www.suse.com/security/cve/CVE-2024-50209", }, { category: "external", summary: "SUSE Bug 1233114 for CVE-2024-50209", url: "https://bugzilla.suse.com/1233114", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50209", }, { cve: "CVE-2024-50210", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50210", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\n\nIf get_clock_desc() succeeds, it calls fget() for the clockid's fd,\nand get the clk->rwsem read lock, so the error path should release\nthe lock to make the lock balance and fput the clockid's fd to make\nthe refcount balance and release the fd related resource.\n\nHowever the below commit left the error path locked behind resulting in\nunbalanced locking. Check timespec64_valid_strict() before\nget_clock_desc() to fix it, because the \"ts\" is not changed\nafter that.\n\n[pabeni@redhat.com: fixed commit message typo]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50210", url: "https://www.suse.com/security/cve/CVE-2024-50210", }, { category: "external", summary: "SUSE Bug 1233097 for CVE-2024-50210", url: "https://bugzilla.suse.com/1233097", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50210", }, { cve: "CVE-2024-50211", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50211", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: refactor inode_bmap() to handle error\n\nRefactor inode_bmap() to handle error since udf_next_aext() can return\nerror now. On situations like ftruncate, udf_extend_file() can now\ndetect errors and bail out early without resorting to checking for\nparticular offsets and assuming internal behavior of these functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50211", url: "https://www.suse.com/security/cve/CVE-2024-50211", }, { category: "external", summary: "SUSE Bug 1233096 for CVE-2024-50211", url: "https://bugzilla.suse.com/1233096", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50211", }, { cve: "CVE-2024-50212", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50212", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nlib: alloc_tag_module_unload must wait for pending kfree_rcu calls\n\nBen Greear reports following splat:\n ------------[ cut here ]------------\n net/netfilter/nf_nat_core.c:1114 module nf_nat func:nf_nat_register_fn has 256 allocated at module unload\n WARNING: CPU: 1 PID: 10421 at lib/alloc_tag.c:168 alloc_tag_module_unload+0x22b/0x3f0\n Modules linked in: nf_nat(-) btrfs ufs qnx4 hfsplus hfs minix vfat msdos fat\n...\n Hardware name: Default string Default string/SKYBAY, BIOS 5.12 08/04/2020\n RIP: 0010:alloc_tag_module_unload+0x22b/0x3f0\n codetag_unload_module+0x19b/0x2a0\n ? codetag_load_module+0x80/0x80\n\nnf_nat module exit calls kfree_rcu on those addresses, but the free\noperation is likely still pending by the time alloc_tag checks for leaks.\n\nWait for outstanding kfree_rcu operations to complete before checking\nresolves this warning.\n\nReproducer:\nunshare -n iptables-nft -t nat -A PREROUTING -p tcp\ngrep nf_nat /proc/allocinfo # will list 4 allocations\nrmmod nft_chain_nat\nrmmod nf_nat # will WARN.\n\n[akpm@linux-foundation.org: add comment]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50212", url: "https://www.suse.com/security/cve/CVE-2024-50212", }, { category: "external", summary: "SUSE Bug 1233173 for CVE-2024-50212", url: "https://bugzilla.suse.com/1233173", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50212", }, { cve: "CVE-2024-50213", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50213", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic()\n\nmodprobe drm_hdmi_state_helper_test and then rmmod it, the following\nmemory leak occurs.\n\nThe `mode` allocated in drm_mode_duplicate() called by\ndrm_display_mode_from_cea_vic() is not freed, which cause the memory leak:\n\n\tunreferenced object 0xffffff80ccd18100 (size 128):\n\t comm \"kunit_try_catch\", pid 1851, jiffies 4295059695\n\t hex dump (first 32 bytes):\n\t 57 62 00 00 80 02 90 02 f0 02 20 03 00 00 e0 01 Wb........ .....\n\t ea 01 ec 01 0d 02 00 00 0a 00 00 00 00 00 00 00 ................\n\t backtrace (crc c2f1aa95):\n\t [<000000000f10b11b>] kmemleak_alloc+0x34/0x40\n\t [<000000001cd4cf73>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<00000000f1f3cffa>] drm_mode_duplicate+0x44/0x19c\n\t [<000000008cbeef13>] drm_display_mode_from_cea_vic+0x88/0x98\n\t [<0000000019daaacf>] 0xffffffedc11ae69c\n\t [<000000000aad0f85>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000a9210bac>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<000000000a0b2e9e>] kthread+0x2e8/0x374\n\t [<00000000bd668858>] ret_from_fork+0x10/0x20\n\t......\n\nFree `mode` by using drm_kunit_display_mode_from_cea_vic()\nto fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50213", url: "https://www.suse.com/security/cve/CVE-2024-50213", }, { category: "external", summary: "SUSE Bug 1233174 for CVE-2024-50213", url: "https://bugzilla.suse.com/1233174", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50213", }, { cve: "CVE-2024-50214", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50214", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic()\n\nmodprobe drm_connector_test and then rmmod drm_connector_test,\nthe following memory leak occurs.\n\nThe `mode` allocated in drm_mode_duplicate() called by\ndrm_display_mode_from_cea_vic() is not freed, which cause the memory leak:\n\n\tunreferenced object 0xffffff80cb0ee400 (size 128):\n\t comm \"kunit_try_catch\", pid 1948, jiffies 4294950339\n\t hex dump (first 32 bytes):\n\t 14 44 02 00 80 07 d8 07 04 08 98 08 00 00 38 04 .D............8.\n\t 3c 04 41 04 65 04 00 00 05 00 00 00 00 00 00 00 <.A.e...........\n\t backtrace (crc 90e9585c):\n\t [<00000000ec42e3d7>] kmemleak_alloc+0x34/0x40\n\t [<00000000d0ef055a>] __kmalloc_cache_noprof+0x26c/0x2f4\n\t [<00000000c2062161>] drm_mode_duplicate+0x44/0x19c\n\t [<00000000f96c74aa>] drm_display_mode_from_cea_vic+0x88/0x98\n\t [<00000000d8f2c8b4>] 0xffffffdc982a4868\n\t [<000000005d164dbc>] kunit_try_run_case+0x13c/0x3ac\n\t [<000000006fb23398>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<000000006ea56ca0>] kthread+0x2e8/0x374\n\t [<000000000676063f>] ret_from_fork+0x10/0x20\n\t......\n\nFree `mode` by using drm_kunit_display_mode_from_cea_vic()\nto fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50214", url: "https://www.suse.com/security/cve/CVE-2024-50214", }, { category: "external", summary: "SUSE Bug 1233177 for CVE-2024-50214", url: "https://bugzilla.suse.com/1233177", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50214", }, { cve: "CVE-2024-50215", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50215", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-auth: assign dh_key to NULL after kfree_sensitive\n\nctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup()\nfor the same controller. So it's better to nullify it after release on\nerror path in order to avoid double free later in nvmet_destroy_auth().\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50215", url: "https://www.suse.com/security/cve/CVE-2024-50215", }, { category: "external", summary: "SUSE Bug 1233189 for CVE-2024-50215", url: "https://bugzilla.suse.com/1233189", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50215", }, { cve: "CVE-2024-50216", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50216", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix finding a last resort AG in xfs_filestream_pick_ag\n\nWhen the main loop in xfs_filestream_pick_ag fails to find a suitable\nAG it tries to just pick the online AG. But the loop for that uses\nargs->pag as loop iterator while the later code expects pag to be\nset. Fix this by reusing the max_pag case for this last resort, and\nalso add a check for impossible case of no AG just to make sure that\nthe uninitialized pag doesn't even escape in theory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50216", url: "https://www.suse.com/security/cve/CVE-2024-50216", }, { category: "external", summary: "SUSE Bug 1233179 for CVE-2024-50216", url: "https://bugzilla.suse.com/1233179", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50216", }, { cve: "CVE-2024-50217", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50217", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()\n\nMounting btrfs from two images (which have the same one fsid and two\ndifferent dev_uuids) in certain executing order may trigger an UAF for\nvariable 'device->bdev_file' in __btrfs_free_extra_devids(). And\nfollowing are the details:\n\n1. Attach image_1 to loop0, attach image_2 to loop1, and scan btrfs\n devices by ioctl(BTRFS_IOC_SCAN_DEV):\n\n / btrfs_device_1 → loop0\n fs_device\n \\ btrfs_device_2 → loop1\n2. mount /dev/loop0 /mnt\n btrfs_open_devices\n btrfs_device_1->bdev_file = btrfs_get_bdev_and_sb(loop0)\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n fail: btrfs_close_devices // -ENOMEM\n\t btrfs_close_bdev(btrfs_device_1)\n fput(btrfs_device_1->bdev_file)\n\t // btrfs_device_1->bdev_file is freed\n\t btrfs_close_bdev(btrfs_device_2)\n fput(btrfs_device_2->bdev_file)\n\n3. mount /dev/loop1 /mnt\n btrfs_open_devices\n btrfs_get_bdev_and_sb(&bdev_file)\n // EIO, btrfs_device_1->bdev_file is not assigned,\n // which points to a freed memory area\n btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1)\n btrfs_fill_super\n open_ctree\n btrfs_free_extra_devids\n if (btrfs_device_1->bdev_file)\n fput(btrfs_device_1->bdev_file) // UAF !\n\nFix it by setting 'device->bdev_file' as 'NULL' after closing the\nbtrfs_device in btrfs_close_one_device().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50217", url: "https://www.suse.com/security/cve/CVE-2024-50217", }, { category: "external", summary: "SUSE Bug 1233194 for CVE-2024-50217", url: "https://bugzilla.suse.com/1233194", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50217", }, { cve: "CVE-2024-50218", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50218", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: pass u64 to ocfs2_truncate_inline maybe overflow\n\nSyzbot reported a kernel BUG in ocfs2_truncate_inline. There are two\nreasons for this: first, the parameter value passed is greater than\nocfs2_max_inline_data_with_xattr, second, the start and end parameters of\nocfs2_truncate_inline are \"unsigned int\".\n\nSo, we need to add a sanity check for byte_start and byte_len right before\nocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater\nthan ocfs2_max_inline_data_with_xattr return -EINVAL.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50218", url: "https://www.suse.com/security/cve/CVE-2024-50218", }, { category: "external", summary: "SUSE Bug 1233191 for CVE-2024-50218", url: "https://bugzilla.suse.com/1233191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50218", }, { cve: "CVE-2024-50220", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50220", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfork: do not invoke uffd on fork if error occurs\n\nPatch series \"fork: do not expose incomplete mm on fork\".\n\nDuring fork we may place the virtual memory address space into an\ninconsistent state before the fork operation is complete.\n\nIn addition, we may encounter an error during the fork operation that\nindicates that the virtual memory address space is invalidated.\n\nAs a result, we should not be exposing it in any way to external machinery\nthat might interact with the mm or VMAs, machinery that is not designed to\ndeal with incomplete state.\n\nWe specifically update the fork logic to defer khugepaged and ksm to the\nend of the operation and only to be invoked if no error arose, and\ndisallow uffd from observing fork events should an error have occurred.\n\n\nThis patch (of 2):\n\nCurrently on fork we expose the virtual address space of a process to\nuserland unconditionally if uffd is registered in VMAs, regardless of\nwhether an error arose in the fork.\n\nThis is performed in dup_userfaultfd_complete() which is invoked\nunconditionally, and performs two duties - invoking registered handlers\nfor the UFFD_EVENT_FORK event via dup_fctx(), and clearing down\nuserfaultfd_fork_ctx objects established in dup_userfaultfd().\n\nThis is problematic, because the virtual address space may not yet be\ncorrectly initialised if an error arose.\n\nThe change in commit d24062914837 (\"fork: use __mt_dup() to duplicate\nmaple tree in dup_mmap()\") makes this more pertinent as we may be in a\nstate where entries in the maple tree are not yet consistent.\n\nWe address this by, on fork error, ensuring that we roll back state that\nwe would otherwise expect to clean up through the event being handled by\nuserland and perform the memory freeing duty otherwise performed by\ndup_userfaultfd_complete().\n\nWe do this by implementing a new function, dup_userfaultfd_fail(), which\nperforms the same loop, only decrementing reference counts.\n\nNote that we perform mmgrab() on the parent and child mm's, however\nuserfaultfd_ctx_put() will mmdrop() this once the reference count drops to\nzero, so we will avoid memory leaks correctly here.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50220", url: "https://www.suse.com/security/cve/CVE-2024-50220", }, { category: "external", summary: "SUSE Bug 1233175 for CVE-2024-50220", url: "https://bugzilla.suse.com/1233175", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50220", }, { cve: "CVE-2024-50221", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50221", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Vangogh: Fix kernel memory out of bounds write\n\nKASAN reports that the GPU metrics table allocated in\nvangogh_tables_init() is not large enough for the memset done in\nsmu_cmn_init_soft_gpu_metrics(). Condensed report follows:\n\n[ 33.861314] BUG: KASAN: slab-out-of-bounds in smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu]\n[ 33.861799] Write of size 168 at addr ffff888129f59500 by task mangoapp/1067\n...\n[ 33.861808] CPU: 6 UID: 1000 PID: 1067 Comm: mangoapp Tainted: G W 6.12.0-rc4 #356 1a56f59a8b5182eeaf67eb7cb8b13594dd23b544\n[ 33.861816] Tainted: [W]=WARN\n[ 33.861818] Hardware name: Valve Galileo/Galileo, BIOS F7G0107 12/01/2023\n[ 33.861822] Call Trace:\n[ 33.861826] <TASK>\n[ 33.861829] dump_stack_lvl+0x66/0x90\n[ 33.861838] print_report+0xce/0x620\n[ 33.861853] kasan_report+0xda/0x110\n[ 33.862794] kasan_check_range+0xfd/0x1a0\n[ 33.862799] __asan_memset+0x23/0x40\n[ 33.862803] smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.863306] vangogh_get_gpu_metrics_v2_4+0x123/0xad0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.864257] vangogh_common_get_gpu_metrics+0xb0c/0xbc0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.865682] amdgpu_dpm_get_gpu_metrics+0xcc/0x110 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.866160] amdgpu_get_gpu_metrics+0x154/0x2d0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779]\n[ 33.867135] dev_attr_show+0x43/0xc0\n[ 33.867147] sysfs_kf_seq_show+0x1f1/0x3b0\n[ 33.867155] seq_read_iter+0x3f8/0x1140\n[ 33.867173] vfs_read+0x76c/0xc50\n[ 33.867198] ksys_read+0xfb/0x1d0\n[ 33.867214] do_syscall_64+0x90/0x160\n...\n[ 33.867353] Allocated by task 378 on cpu 7 at 22.794876s:\n[ 33.867358] kasan_save_stack+0x33/0x50\n[ 33.867364] kasan_save_track+0x17/0x60\n[ 33.867367] __kasan_kmalloc+0x87/0x90\n[ 33.867371] vangogh_init_smc_tables+0x3f9/0x840 [amdgpu]\n[ 33.867835] smu_sw_init+0xa32/0x1850 [amdgpu]\n[ 33.868299] amdgpu_device_init+0x467b/0x8d90 [amdgpu]\n[ 33.868733] amdgpu_driver_load_kms+0x19/0xf0 [amdgpu]\n[ 33.869167] amdgpu_pci_probe+0x2d6/0xcd0 [amdgpu]\n[ 33.869608] local_pci_probe+0xda/0x180\n[ 33.869614] pci_device_probe+0x43f/0x6b0\n\nEmpirically we can confirm that the former allocates 152 bytes for the\ntable, while the latter memsets the 168 large block.\n\nRoot cause appears that when GPU metrics tables for v2_4 parts were added\nit was not considered to enlarge the table to fit.\n\nThe fix in this patch is rather \"brute force\" and perhaps later should be\ndone in a smarter way, by extracting and consolidating the part version to\nsize logic to a common helper, instead of brute forcing the largest\npossible allocation. Nevertheless, for now this works and fixes the out of\nbounds write.\n\nv2:\n * Drop impossible v3_0 case. (Mario)\n\n(cherry picked from commit 0880f58f9609f0200483a49429af0f050d281703)", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50221", url: "https://www.suse.com/security/cve/CVE-2024-50221", }, { category: "external", summary: "SUSE Bug 1233185 for CVE-2024-50221", url: "https://bugzilla.suse.com/1233185", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50221", }, { cve: "CVE-2024-50222", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50222", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP\n\ngeneric/077 on x86_32 CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP=y with highmem,\non huge=always tmpfs, issues a warning and then hangs (interruptibly):\n\nWARNING: CPU: 5 PID: 3517 at mm/highmem.c:622 kunmap_local_indexed+0x62/0xc9\nCPU: 5 UID: 0 PID: 3517 Comm: cp Not tainted 6.12.0-rc4 #2\n...\ncopy_page_from_iter_atomic+0xa6/0x5ec\ngeneric_perform_write+0xf6/0x1b4\nshmem_file_write_iter+0x54/0x67\n\nFix copy_page_from_iter_atomic() by limiting it in that case\n(include/linux/skbuff.h skb_frag_must_loop() does similar).\n\nBut going forward, perhaps CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP is too\nsurprising, has outlived its usefulness, and should just be removed?", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50222", url: "https://www.suse.com/security/cve/CVE-2024-50222", }, { category: "external", summary: "SUSE Bug 1233184 for CVE-2024-50222", url: "https://bugzilla.suse.com/1233184", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50222", }, { cve: "CVE-2024-50223", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50223", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50223", url: "https://www.suse.com/security/cve/CVE-2024-50223", }, { category: "external", summary: "SUSE Bug 1233192 for CVE-2024-50223", url: "https://bugzilla.suse.com/1233192", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50223", }, { cve: "CVE-2024-50224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50224", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-dspi: Fix crash when not using GPIO chip select\n\nAdd check for the return value of spi_get_csgpiod() to avoid passing a NULL\npointer to gpiod_direction_output(), preventing a crash when GPIO chip\nselect is not used.\n\nFix below crash:\n[ 4.251960] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 4.260762] Mem abort info:\n[ 4.263556] ESR = 0x0000000096000004\n[ 4.267308] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 4.272624] SET = 0, FnV = 0\n[ 4.275681] EA = 0, S1PTW = 0\n[ 4.278822] FSC = 0x04: level 0 translation fault\n[ 4.283704] Data abort info:\n[ 4.286583] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 4.292074] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 4.297130] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 4.302445] [0000000000000000] user address but active_mm is swapper\n[ 4.308805] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 4.315072] Modules linked in:\n[ 4.318124] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc4-next-20241023-00008-ga20ec42c5fc1 #359\n[ 4.328130] Hardware name: LS1046A QDS Board (DT)\n[ 4.332832] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 4.339794] pc : gpiod_direction_output+0x34/0x5c\n[ 4.344505] lr : gpiod_direction_output+0x18/0x5c\n[ 4.349208] sp : ffff80008003b8f0\n[ 4.352517] x29: ffff80008003b8f0 x28: 0000000000000000 x27: ffffc96bcc7e9068\n[ 4.359659] x26: ffffc96bcc6e00b0 x25: ffffc96bcc598398 x24: ffff447400132810\n[ 4.366800] x23: 0000000000000000 x22: 0000000011e1a300 x21: 0000000000020002\n[ 4.373940] x20: 0000000000000000 x19: 0000000000000000 x18: ffffffffffffffff\n[ 4.381081] x17: ffff44740016e600 x16: 0000000500000003 x15: 0000000000000007\n[ 4.388221] x14: 0000000000989680 x13: 0000000000020000 x12: 000000000000001e\n[ 4.395362] x11: 0044b82fa09b5a53 x10: 0000000000000019 x9 : 0000000000000008\n[ 4.402502] x8 : 0000000000000002 x7 : 0000000000000007 x6 : 0000000000000000\n[ 4.409641] x5 : 0000000000000200 x4 : 0000000002000000 x3 : 0000000000000000\n[ 4.416781] x2 : 0000000000022202 x1 : 0000000000000000 x0 : 0000000000000000\n[ 4.423921] Call trace:\n[ 4.426362] gpiod_direction_output+0x34/0x5c (P)\n[ 4.431067] gpiod_direction_output+0x18/0x5c (L)\n[ 4.435771] dspi_setup+0x220/0x334", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50224", url: "https://www.suse.com/security/cve/CVE-2024-50224", }, { category: "external", summary: "SUSE Bug 1233188 for CVE-2024-50224", url: "https://bugzilla.suse.com/1233188", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50224", }, { cve: "CVE-2024-50225", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50225", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix error propagation of split bios\n\nThe purpose of btrfs_bbio_propagate_error() shall be propagating an error\nof split bio to its original btrfs_bio, and tell the error to the upper\nlayer. However, it's not working well on some cases.\n\n* Case 1. Immediate (or quick) end_bio with an error\n\nWhen btrfs sends btrfs_bio to mirrored devices, btrfs calls\nbtrfs_bio_end_io() when all the mirroring bios are completed. If that\nbtrfs_bio was split, it is from btrfs_clone_bioset and its end_io function\nis btrfs_orig_write_end_io. For this case, btrfs_bbio_propagate_error()\naccesses the orig_bbio's bio context to increase the error count.\n\nThat works well in most cases. However, if the end_io is called enough\nfast, orig_bbio's (remaining part after split) bio context may not be\nproperly set at that time. Since the bio context is set when the orig_bbio\n(the last btrfs_bio) is sent to devices, that might be too late for earlier\nsplit btrfs_bio's completion. That will result in NULL pointer\ndereference.\n\nThat bug is easily reproducible by running btrfs/146 on zoned devices [1]\nand it shows the following trace.\n\n[1] You need raid-stripe-tree feature as it create \"-d raid0 -m raid1\" FS.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 UID: 0 PID: 13 Comm: kworker/u32:1 Not tainted 6.11.0-rc7-BTRFS-ZNS+ #474\n Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n Workqueue: writeback wb_workfn (flush-btrfs-5)\n RIP: 0010:btrfs_bio_end_io+0xae/0xc0 [btrfs]\n BTRFS error (device dm-0): bdev /dev/mapper/error-test errs: wr 2, rd 0, flush 0, corrupt 0, gen 0\n RSP: 0018:ffffc9000006f248 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff888005a7f080 RCX: ffffc9000006f1dc\n RDX: 0000000000000000 RSI: 000000000000000a RDI: ffff888005a7f080\n RBP: ffff888011dfc540 R08: 0000000000000000 R09: 0000000000000001\n R10: ffffffff82e508e0 R11: 0000000000000005 R12: ffff88800ddfbe58\n R13: ffff888005a7f080 R14: ffff888005a7f158 R15: ffff888005a7f158\n FS: 0000000000000000(0000) GS:ffff88803ea80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000020 CR3: 0000000002e22006 CR4: 0000000000370ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n ? __die_body.cold+0x19/0x26\n ? page_fault_oops+0x13e/0x2b0\n ? _printk+0x58/0x73\n ? do_user_addr_fault+0x5f/0x750\n ? exc_page_fault+0x76/0x240\n ? asm_exc_page_fault+0x22/0x30\n ? btrfs_bio_end_io+0xae/0xc0 [btrfs]\n ? btrfs_log_dev_io_error+0x7f/0x90 [btrfs]\n btrfs_orig_write_end_io+0x51/0x90 [btrfs]\n dm_submit_bio+0x5c2/0xa50 [dm_mod]\n ? find_held_lock+0x2b/0x80\n ? blk_try_enter_queue+0x90/0x1e0\n __submit_bio+0xe0/0x130\n ? ktime_get+0x10a/0x160\n ? lockdep_hardirqs_on+0x74/0x100\n submit_bio_noacct_nocheck+0x199/0x410\n btrfs_submit_bio+0x7d/0x150 [btrfs]\n btrfs_submit_chunk+0x1a1/0x6d0 [btrfs]\n ? lockdep_hardirqs_on+0x74/0x100\n ? __folio_start_writeback+0x10/0x2c0\n btrfs_submit_bbio+0x1c/0x40 [btrfs]\n submit_one_bio+0x44/0x60 [btrfs]\n submit_extent_folio+0x13f/0x330 [btrfs]\n ? btrfs_set_range_writeback+0xa3/0xd0 [btrfs]\n extent_writepage_io+0x18b/0x360 [btrfs]\n extent_write_locked_range+0x17c/0x340 [btrfs]\n ? __pfx_end_bbio_data_write+0x10/0x10 [btrfs]\n run_delalloc_cow+0x71/0xd0 [btrfs]\n btrfs_run_delalloc_range+0x176/0x500 [btrfs]\n ? find_lock_delalloc_range+0x119/0x260 [btrfs]\n writepage_delalloc+0x2ab/0x480 [btrfs]\n extent_write_cache_pages+0x236/0x7d0 [btrfs]\n btrfs_writepages+0x72/0x130 [btrfs]\n do_writepages+0xd4/0x240\n ? find_held_lock+0x2b/0x80\n ? wbc_attach_and_unlock_inode+0x12c/0x290\n ? wbc_attach_and_unlock_inode+0x12c/0x29\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50225", url: "https://www.suse.com/security/cve/CVE-2024-50225", }, { category: "external", summary: "SUSE Bug 1233193 for CVE-2024-50225", url: "https://bugzilla.suse.com/1233193", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50225", }, { cve: "CVE-2024-50226", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50226", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/port: Fix use-after-free, permit out-of-order decoder shutdown\n\nIn support of investigating an initialization failure report [1],\ncxl_test was updated to register mock memory-devices after the mock\nroot-port/bus device had been registered. That led to cxl_test crashing\nwith a use-after-free bug with the following signature:\n\n cxl_port_attach_region: cxl region3: cxl_host_bridge.0:port3 decoder3.0 add: mem0:decoder7.0 @ 0 next: cxl_switch_uport.0 nr_eps: 1 nr_targets: 1\n cxl_port_attach_region: cxl region3: cxl_host_bridge.0:port3 decoder3.0 add: mem4:decoder14.0 @ 1 next: cxl_switch_uport.0 nr_eps: 2 nr_targets: 1\n cxl_port_setup_targets: cxl region3: cxl_switch_uport.0:port6 target[0] = cxl_switch_dport.0 for mem0:decoder7.0 @ 0\n1) cxl_port_setup_targets: cxl region3: cxl_switch_uport.0:port6 target[1] = cxl_switch_dport.4 for mem4:decoder14.0 @ 1\n [..]\n cxld_unregister: cxl decoder14.0:\n cxl_region_decode_reset: cxl_region region3:\n mock_decoder_reset: cxl_port port3: decoder3.0 reset\n2) mock_decoder_reset: cxl_port port3: decoder3.0: out of order reset, expected decoder3.1\n cxl_endpoint_decoder_release: cxl decoder14.0:\n [..]\n cxld_unregister: cxl decoder7.0:\n3) cxl_region_decode_reset: cxl_region region3:\n Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6bc3: 0000 [#1] PREEMPT SMP PTI\n [..]\n RIP: 0010:to_cxl_port+0x8/0x60 [cxl_core]\n [..]\n Call Trace:\n <TASK>\n cxl_region_decode_reset+0x69/0x190 [cxl_core]\n cxl_region_detach+0xe8/0x210 [cxl_core]\n cxl_decoder_kill_region+0x27/0x40 [cxl_core]\n cxld_unregister+0x5d/0x60 [cxl_core]\n\nAt 1) a region has been established with 2 endpoint decoders (7.0 and\n14.0). Those endpoints share a common switch-decoder in the topology\n(3.0). At teardown, 2), decoder14.0 is the first to be removed and hits\nthe \"out of order reset case\" in the switch decoder. The effect though\nis that region3 cleanup is aborted leaving it in-tact and\nreferencing decoder14.0. At 3) the second attempt to teardown region3\ntrips over the stale decoder14.0 object which has long since been\ndeleted.\n\nThe fix here is to recognize that the CXL specification places no\nmandate on in-order shutdown of switch-decoders, the driver enforces\nin-order allocation, and hardware enforces in-order commit. So, rather\nthan fail and leave objects dangling, always remove them.\n\nIn support of making cxl_region_decode_reset() always succeed,\ncxl_region_invalidate_memregion() failures are turned into warnings.\nCrashing the kernel is ok there since system integrity is at risk if\ncaches cannot be managed around physical address mutation events like\nCXL region destruction.\n\nA new device_for_each_child_reverse_from() is added to cleanup\nport->commit_end after all dependent decoders have been disabled. In\nother words if decoders are allocated 0->1->2 and disabled 1->2->0 then\nport->commit_end only decrements from 2 after 2 has been disabled, and\nit decrements all the way to zero since 1 was disabled previously.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50226", url: "https://www.suse.com/security/cve/CVE-2024-50226", }, { category: "external", summary: "SUSE Bug 1233195 for CVE-2024-50226", url: "https://bugzilla.suse.com/1233195", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50226", }, { cve: "CVE-2024-50227", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50227", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan()\n\nKASAN reported following issue:\n\n BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderbolt]\n Read of size 4 at addr ffff88810111fc1c by task kworker/u56:0/11\n CPU: 0 UID: 0 PID: 11 Comm: kworker/u56:0 Tainted: G U 6.11.0+ #1387\n Tainted: [U]=USER\n Workqueue: thunderbolt0 tb_handle_hotplug [thunderbolt]\n Call Trace:\n <TASK>\n dump_stack_lvl+0x6c/0x90\n print_report+0xd1/0x630\n kasan_report+0xdb/0x110\n __asan_report_load4_noabort+0x14/0x20\n tb_retimer_scan+0xffe/0x1550 [thunderbolt]\n tb_scan_port+0xa6f/0x2060 [thunderbolt]\n tb_handle_hotplug+0x17b1/0x3080 [thunderbolt]\n process_one_work+0x626/0x1100\n worker_thread+0x6c8/0xfa0\n kthread+0x2c8/0x3a0\n ret_from_fork+0x3a/0x80\n ret_from_fork_asm+0x1a/0x30\n\nThis happens because the loop variable still gets incremented by one so\nmax becomes 3 instead of 2, and this makes the second loop read past the\nthe array declared on the stack.\n\nFix this by assigning to max directly in the loop body.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50227", url: "https://www.suse.com/security/cve/CVE-2024-50227", }, { category: "external", summary: "SUSE Bug 1233181 for CVE-2024-50227", url: "https://bugzilla.suse.com/1233181", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50227", }, { cve: "CVE-2024-50228", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50228", }, ], notes: [ { category: "general", text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50228", url: "https://www.suse.com/security/cve/CVE-2024-50228", }, { category: "external", summary: "SUSE Bug 1233204 for CVE-2024-50228", url: "https://bugzilla.suse.com/1233204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 0, baseSeverity: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "low", }, ], title: "CVE-2024-50228", }, { cve: "CVE-2024-50229", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50229", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential deadlock with newly created symlinks\n\nSyzbot reported that page_symlink(), called by nilfs_symlink(), triggers\nmemory reclamation involving the filesystem layer, which can result in\ncircular lock dependencies among the reader/writer semaphore\nnilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the\nfs_reclaim pseudo lock.\n\nThis is because after commit 21fc61c73c39 (\"don't put symlink bodies in\npagecache into highmem\"), the gfp flags of the page cache for symbolic\nlinks are overwritten to GFP_KERNEL via inode_nohighmem().\n\nThis is not a problem for symlinks read from the backing device, because\nthe __GFP_FS flag is dropped after inode_nohighmem() is called. However,\nwhen a new symlink is created with nilfs_symlink(), the gfp flags remain\noverwritten to GFP_KERNEL. Then, memory allocation called from\npage_symlink() etc. triggers memory reclamation including the FS layer,\nwhich may call nilfs_evict_inode() or nilfs_dirty_inode(). And these can\ncause a deadlock if they are called while nilfs->ns_segctor_sem is held:\n\nFix this issue by dropping the __GFP_FS flag from the page cache GFP flags\nof newly created symlinks in the same way that nilfs_new_inode() and\n__nilfs_read_inode() do, as a workaround until we adopt nofs allocation\nscope consistently or improve the locking constraints.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50229", url: "https://www.suse.com/security/cve/CVE-2024-50229", }, { category: "external", summary: "SUSE Bug 1233205 for CVE-2024-50229", url: "https://bugzilla.suse.com/1233205", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50229", }, { cve: "CVE-2024-50230", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50230", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix kernel bug due to missing clearing of checked flag\n\nSyzbot reported that in directory operations after nilfs2 detects\nfilesystem corruption and degrades to read-only,\n__block_write_begin_int(), which is called to prepare block writes, may\nfail the BUG_ON check for accesses exceeding the folio/page size,\ntriggering a kernel bug.\n\nThis was found to be because the \"checked\" flag of a page/folio was not\ncleared when it was discarded by nilfs2's own routine, which causes the\nsanity check of directory entries to be skipped when the directory\npage/folio is reloaded. So, fix that.\n\nThis was necessary when the use of nilfs2's own page discard routine was\napplied to more than just metadata files.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50230", url: "https://www.suse.com/security/cve/CVE-2024-50230", }, { category: "external", summary: "SUSE Bug 1233206 for CVE-2024-50230", url: "https://bugzilla.suse.com/1233206", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50230", }, { cve: "CVE-2024-50231", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50231", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table()\n\nmodprobe iio-test-gts and rmmod it, then the following memory leak\noccurs:\n\n\tunreferenced object 0xffffff80c810be00 (size 64):\n\t comm \"kunit_try_catch\", pid 1654, jiffies 4294913981\n\t hex dump (first 32 bytes):\n\t 02 00 00 00 08 00 00 00 20 00 00 00 40 00 00 00 ........ ...@...\n\t 80 00 00 00 00 02 00 00 00 04 00 00 00 08 00 00 ................\n\t backtrace (crc a63d875e):\n\t [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40\n\t [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0\n\t [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4\n\t [<0000000071bb4b09>] 0xffffffdf052a62e0\n\t [<000000000315bc18>] 0xffffffdf052a6488\n\t [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000f505065d>] kthread+0x2e8/0x374\n\t [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80cbfe9e70 (size 16):\n\t comm \"kunit_try_catch\", pid 1658, jiffies 4294914015\n\t hex dump (first 16 bytes):\n\t 10 00 00 00 40 00 00 00 80 00 00 00 00 00 00 00 ....@...........\n\t backtrace (crc 857f0cb4):\n\t [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40\n\t [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0\n\t [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4\n\t [<0000000071bb4b09>] 0xffffffdf052a62e0\n\t [<000000007d089d45>] 0xffffffdf052a6864\n\t [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000f505065d>] kthread+0x2e8/0x374\n\t [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20\n\t......\n\nIt includes 5*5 times \"size 64\" memory leaks, which correspond to 5 times\ntest_init_iio_gain_scale() calls with gts_test_gains size 10 (10*size(int))\nand gts_test_itimes size 5. It also includes 5*1 times \"size 16\"\nmemory leak, which correspond to one time __test_init_iio_gain_scale()\ncall with gts_test_gains_gain_low size 3 (3*size(int)) and gts_test_itimes\nsize 5.\n\nThe reason is that the per_time_gains[i] is not freed which is allocated in\nthe \"gts->num_itime\" for loop in iio_gts_build_avail_scale_table().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50231", url: "https://www.suse.com/security/cve/CVE-2024-50231", }, { category: "external", summary: "SUSE Bug 1233208 for CVE-2024-50231", url: "https://bugzilla.suse.com/1233208", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50231", }, { cve: "CVE-2024-50232", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50232", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ad7124: fix division by zero in ad7124_set_channel_odr()\n\nIn the ad7124_write_raw() function, parameter val can potentially\nbe zero. This may lead to a division by zero when DIV_ROUND_CLOSEST()\nis called within ad7124_set_channel_odr(). The ad7124_write_raw()\nfunction is invoked through the sequence: iio_write_channel_raw() ->\niio_write_channel_attribute() -> iio_channel_write(), with no checks\nin place to ensure val is non-zero.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50232", url: "https://www.suse.com/security/cve/CVE-2024-50232", }, { category: "external", summary: "SUSE Bug 1233209 for CVE-2024-50232", url: "https://bugzilla.suse.com/1233209", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50232", }, { cve: "CVE-2024-50233", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50233", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg()\n\nIn the ad9832_write_frequency() function, clk_get_rate() might return 0.\nThis can lead to a division by zero when calling ad9832_calc_freqreg().\nThe check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect\nagainst the case when fout is 0. The ad9832_write_frequency() function\nis called from ad9832_write(), and fout is derived from a text buffer,\nwhich can contain any value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50233", url: "https://www.suse.com/security/cve/CVE-2024-50233", }, { category: "external", summary: "SUSE Bug 1233210 for CVE-2024-50233", url: "https://bugzilla.suse.com/1233210", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50233", }, { cve: "CVE-2024-50234", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50234", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlegacy: Clear stale interrupts before resuming device\n\niwl4965 fails upon resume from hibernation on my laptop. The reason\nseems to be a stale interrupt which isn't being cleared out before\ninterrupts are enabled. We end up with a race beween the resume\ntrying to bring things back up, and the restart work (queued form\nthe interrupt handler) trying to bring things down. Eventually\nthe whole thing blows up.\n\nFix the problem by clearing out any stale interrupts before\ninterrupts get enabled during resume.\n\nHere's a debug log of the indicent:\n[ 12.042589] ieee80211 phy0: il_isr ISR inta 0x00000080, enabled 0xaa00008b, fh 0x00000000\n[ 12.042625] ieee80211 phy0: il4965_irq_tasklet inta 0x00000080, enabled 0x00000000, fh 0x00000000\n[ 12.042651] iwl4965 0000:10:00.0: RF_KILL bit toggled to enable radio.\n[ 12.042653] iwl4965 0000:10:00.0: On demand firmware reload\n[ 12.042690] ieee80211 phy0: il4965_irq_tasklet End inta 0x00000000, enabled 0xaa00008b, fh 0x00000000, flags 0x00000282\n[ 12.052207] ieee80211 phy0: il4965_mac_start enter\n[ 12.052212] ieee80211 phy0: il_prep_station Add STA to driver ID 31: ff:ff:ff:ff:ff:ff\n[ 12.052244] ieee80211 phy0: il4965_set_hw_ready hardware ready\n[ 12.052324] ieee80211 phy0: il_apm_init Init card's basic functions\n[ 12.052348] ieee80211 phy0: il_apm_init L1 Enabled; Disabling L0S\n[ 12.055727] ieee80211 phy0: il4965_load_bsm Begin load bsm\n[ 12.056140] ieee80211 phy0: il4965_verify_bsm Begin verify bsm\n[ 12.058642] ieee80211 phy0: il4965_verify_bsm BSM bootstrap uCode image OK\n[ 12.058721] ieee80211 phy0: il4965_load_bsm BSM write complete, poll 1 iterations\n[ 12.058734] ieee80211 phy0: __il4965_up iwl4965 is coming up\n[ 12.058737] ieee80211 phy0: il4965_mac_start Start UP work done.\n[ 12.058757] ieee80211 phy0: __il4965_down iwl4965 is going down\n[ 12.058761] ieee80211 phy0: il_scan_cancel_timeout Scan cancel timeout\n[ 12.058762] ieee80211 phy0: il_do_scan_abort Not performing scan to abort\n[ 12.058765] ieee80211 phy0: il_clear_ucode_stations Clearing ucode stations in driver\n[ 12.058767] ieee80211 phy0: il_clear_ucode_stations No active stations found to be cleared\n[ 12.058819] ieee80211 phy0: _il_apm_stop Stop card, put in low power state\n[ 12.058827] ieee80211 phy0: _il_apm_stop_master stop master\n[ 12.058864] ieee80211 phy0: il4965_clear_free_frames 0 frames on pre-allocated heap on clear.\n[ 12.058869] ieee80211 phy0: Hardware restart was requested\n[ 16.132299] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms.\n[ 16.132303] ------------[ cut here ]------------\n[ 16.132304] Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n[ 16.132338] WARNING: CPU: 0 PID: 181 at net/mac80211/util.c:1826 ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132390] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev\n[ 16.132456] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Not tainted 6.11.0-cl+ #143\n[ 16.132460] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010\n[ 16.132463] Workqueue: async async_run_entry_fn\n[ 16.132469] RIP: 0010:ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132501] Code: da 02 00 0\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50234", url: "https://www.suse.com/security/cve/CVE-2024-50234", }, { category: "external", summary: "SUSE Bug 1233211 for CVE-2024-50234", url: "https://bugzilla.suse.com/1233211", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50234", }, { cve: "CVE-2024-50235", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50235", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: clear wdev->cqm_config pointer on free\n\nWhen we free wdev->cqm_config when unregistering, we also\nneed to clear out the pointer since the same wdev/netdev\nmay get re-registered in another network namespace, then\ndestroyed later, running this code again, which results in\na double-free.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50235", url: "https://www.suse.com/security/cve/CVE-2024-50235", }, { category: "external", summary: "SUSE Bug 1233176 for CVE-2024-50235", url: "https://bugzilla.suse.com/1233176", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50235", }, { cve: "CVE-2024-50236", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50236", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: Fix memory leak in management tx\n\nIn the current logic, memory is allocated for storing the MSDU context\nduring management packet TX but this memory is not being freed during\nmanagement TX completion. Similar leaks are seen in the management TX\ncleanup logic.\n\nKmemleak reports this problem as below,\n\nunreferenced object 0xffffff80b64ed250 (size 16):\n comm \"kworker/u16:7\", pid 148, jiffies 4294687130 (age 714.199s)\n hex dump (first 16 bytes):\n 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t......\n backtrace:\n [<ffffffe6e7b245dc>] __kmem_cache_alloc_node+0x1e4/0x2d8\n [<ffffffe6e7adde88>] kmalloc_trace+0x48/0x110\n [<ffffffe6bbd765fc>] ath10k_wmi_tlv_op_gen_mgmt_tx_send+0xd4/0x1d8 [ath10k_core]\n [<ffffffe6bbd3eed4>] ath10k_mgmt_over_wmi_tx_work+0x134/0x298 [ath10k_core]\n [<ffffffe6e78d5974>] process_scheduled_works+0x1ac/0x400\n [<ffffffe6e78d60b8>] worker_thread+0x208/0x328\n [<ffffffe6e78dc890>] kthread+0x100/0x1c0\n [<ffffffe6e78166c0>] ret_from_fork+0x10/0x20\n\nFree the memory during completion and cleanup to fix the leak.\n\nProtect the mgmt_pending_tx idr_remove() operation in\nath10k_wmi_tlv_op_cleanup_mgmt_tx_send() using ar->data_lock similar to\nother instances.\n\nTested-on: WCN3990 hw1.0 SNOC WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50236", url: "https://www.suse.com/security/cve/CVE-2024-50236", }, { category: "external", summary: "SUSE Bug 1233212 for CVE-2024-50236", url: "https://bugzilla.suse.com/1233212", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50236", }, { cve: "CVE-2024-50237", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50237", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: do not pass a stopped vif to the driver in .get_txpower\n\nAvoid potentially crashing in the driver because of uninitialized private data", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50237", url: "https://www.suse.com/security/cve/CVE-2024-50237", }, { category: "external", summary: "SUSE Bug 1233216 for CVE-2024-50237", url: "https://bugzilla.suse.com/1233216", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50237", }, { cve: "CVE-2024-50238", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50238", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom: qmp-usbc: fix NULL-deref on runtime suspend\n\nCommit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\")\nremoved most users of the platform device driver data from the\nqcom-qmp-usb driver, but mistakenly also removed the initialisation\ndespite the data still being used in the runtime PM callbacks. This bug\nwas later reproduced when the driver was copied to create the qmp-usbc\ndriver.\n\nRestore the driver data initialisation at probe to avoid a NULL-pointer\ndereference on runtime suspend.\n\nApparently no one uses runtime PM, which currently needs to be enabled\nmanually through sysfs, with these drivers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50238", url: "https://www.suse.com/security/cve/CVE-2024-50238", }, { category: "external", summary: "SUSE Bug 1233182 for CVE-2024-50238", url: "https://bugzilla.suse.com/1233182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50238", }, { cve: "CVE-2024-50239", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50239", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend\n\nCommit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\")\nremoved most users of the platform device driver data from the\nqcom-qmp-usb driver, but mistakenly also removed the initialisation\ndespite the data still being used in the runtime PM callbacks. This bug\nwas later reproduced when the driver was copied to create the\nqmp-usb-legacy driver.\n\nRestore the driver data initialisation at probe to avoid a NULL-pointer\ndereference on runtime suspend.\n\nApparently no one uses runtime PM, which currently needs to be enabled\nmanually through sysfs, with these drivers.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50239", url: "https://www.suse.com/security/cve/CVE-2024-50239", }, { category: "external", summary: "SUSE Bug 1233180 for CVE-2024-50239", url: "https://bugzilla.suse.com/1233180", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50239", }, { cve: "CVE-2024-50240", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50240", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: qcom: qmp-usb: fix NULL-deref on runtime suspend\n\nCommit 413db06c05e7 (\"phy: qcom-qmp-usb: clean up probe initialisation\")\nremoved most users of the platform device driver data, but mistakenly\nalso removed the initialisation despite the data still being used in the\nruntime PM callbacks.\n\nRestore the driver data initialisation at probe to avoid a NULL-pointer\ndereference on runtime suspend.\n\nApparently no one uses runtime PM, which currently needs to be enabled\nmanually through sysfs, with this driver.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50240", url: "https://www.suse.com/security/cve/CVE-2024-50240", }, { category: "external", summary: "SUSE Bug 1233217 for CVE-2024-50240", url: "https://bugzilla.suse.com/1233217", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50240", }, { cve: "CVE-2024-50241", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50241", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Initialize struct nfsd4_copy earlier\n\nEnsure the refcount and async_copies fields are initialized early.\ncleanup_async_copy() will reference these fields if an error occurs\nin nfsd4_copy(). If they are not correctly initialized, at the very\nleast, a refcount underflow occurs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50241", url: "https://www.suse.com/security/cve/CVE-2024-50241", }, { category: "external", summary: "SUSE Bug 1233187 for CVE-2024-50241", url: "https://bugzilla.suse.com/1233187", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50241", }, { cve: "CVE-2024-50242", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50242", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Additional check in ntfs_file_release", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50242", url: "https://www.suse.com/security/cve/CVE-2024-50242", }, { category: "external", summary: "SUSE Bug 1233268 for CVE-2024-50242", url: "https://bugzilla.suse.com/1233268", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50242", }, { cve: "CVE-2024-50243", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50243", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix general protection fault in run_is_mapped_full\n\nFixed deleating of a non-resident attribute in ntfs_create_inode()\nrollback.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50243", url: "https://www.suse.com/security/cve/CVE-2024-50243", }, { category: "external", summary: "SUSE Bug 1233269 for CVE-2024-50243", url: "https://bugzilla.suse.com/1233269", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50243", }, { cve: "CVE-2024-50244", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50244", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Additional check in ni_clear()\n\nChecking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to\nuninitialized bitmap during replay process.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50244", url: "https://www.suse.com/security/cve/CVE-2024-50244", }, { category: "external", summary: "SUSE Bug 1233270 for CVE-2024-50244", url: "https://bugzilla.suse.com/1233270", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50244", }, { cve: "CVE-2024-50245", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50245", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix possible deadlock in mi_read\n\nMutex lock with another subclass used in ni_lock_dir().", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50245", url: "https://www.suse.com/security/cve/CVE-2024-50245", }, { category: "external", summary: "SUSE Bug 1233203 for CVE-2024-50245", url: "https://bugzilla.suse.com/1233203", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50245", }, { cve: "CVE-2024-50246", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50246", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add rough attr alloc_size check", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50246", url: "https://www.suse.com/security/cve/CVE-2024-50246", }, { category: "external", summary: "SUSE Bug 1233207 for CVE-2024-50246", url: "https://bugzilla.suse.com/1233207", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50246", }, { cve: "CVE-2024-50247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50247", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Check if more than chunk-size bytes are written\n\nA incorrectly formatted chunk may decompress into\nmore than LZNT_CHUNK_SIZE bytes and a index out of bounds\nwill occur in s_max_off.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50247", url: "https://www.suse.com/security/cve/CVE-2024-50247", }, { category: "external", summary: "SUSE Bug 1233271 for CVE-2024-50247", url: "https://bugzilla.suse.com/1233271", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50247", }, { cve: "CVE-2024-50248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50248", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs3: Add bounds checking to mi_enum_attr()\n\nAdded bounds checking to make sure that every attr don't stray beyond\nvalid memory region.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50248", url: "https://www.suse.com/security/cve/CVE-2024-50248", }, { category: "external", summary: "SUSE Bug 1233219 for CVE-2024-50248", url: "https://bugzilla.suse.com/1233219", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50248", }, { cve: "CVE-2024-50249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50249", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Make rmw_lock a raw_spin_lock\n\nThe following BUG was triggered:\n\n=============================\n[ BUG: Invalid wait context ]\n6.12.0-rc2-XXX #406 Not tainted\n-----------------------------\nkworker/1:1/62 is trying to lock:\nffffff8801593030 (&cpc_ptr->rmw_lock){+.+.}-{3:3}, at: cpc_write+0xcc/0x370\nother info that might help us debug this:\ncontext-{5:5}\n2 locks held by kworker/1:1/62:\n #0: ffffff897ef5ec98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x50\n #1: ffffff880154e238 (&sg_policy->update_lock){....}-{2:2}, at: sugov_update_shared+0x3c/0x280\nstack backtrace:\nCPU: 1 UID: 0 PID: 62 Comm: kworker/1:1 Not tainted 6.12.0-rc2-g9654bd3e8806 #406\nWorkqueue: 0x0 (events)\nCall trace:\n dump_backtrace+0xa4/0x130\n show_stack+0x20/0x38\n dump_stack_lvl+0x90/0xd0\n dump_stack+0x18/0x28\n __lock_acquire+0x480/0x1ad8\n lock_acquire+0x114/0x310\n _raw_spin_lock+0x50/0x70\n cpc_write+0xcc/0x370\n cppc_set_perf+0xa0/0x3a8\n cppc_cpufreq_fast_switch+0x40/0xc0\n cpufreq_driver_fast_switch+0x4c/0x218\n sugov_update_shared+0x234/0x280\n update_load_avg+0x6ec/0x7b8\n dequeue_entities+0x108/0x830\n dequeue_task_fair+0x58/0x408\n __schedule+0x4f0/0x1070\n schedule+0x54/0x130\n worker_thread+0xc0/0x2e8\n kthread+0x130/0x148\n ret_from_fork+0x10/0x20\n\nsugov_update_shared() locks a raw_spinlock while cpc_write() locks a\nspinlock.\n\nTo have a correct wait-type order, update rmw_lock to a raw spinlock and\nensure that interrupts will be disabled on the CPU holding it.\n\n[ rjw: Changelog edits ]", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50249", url: "https://www.suse.com/security/cve/CVE-2024-50249", }, { category: "external", summary: "SUSE Bug 1233197 for CVE-2024-50249", url: "https://bugzilla.suse.com/1233197", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50249", }, { cve: "CVE-2024-50250", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50250", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfsdax: dax_unshare_iter needs to copy entire blocks\n\nThe code that copies data from srcmap to iomap in dax_unshare_iter is\nvery very broken, which bfoster's recent fsx changes have exposed.\n\nIf the pos and len passed to dax_file_unshare are not aligned to an\nfsblock boundary, the iter pos and length in the _iter function will\nreflect this unalignment.\n\ndax_iomap_direct_access always returns a pointer to the start of the\nkmapped fsdax page, even if its pos argument is in the middle of that\npage. This is catastrophic for data integrity when iter->pos is not\naligned to a page, because daddr/saddr do not point to the same byte in\nthe file as iter->pos. Hence we corrupt user data by copying it to the\nwrong place.\n\nIf iter->pos + iomap_length() in the _iter function not aligned to a\npage, then we fail to copy a full block, and only partially populate the\ndestination block. This is catastrophic for data confidentiality\nbecause we expose stale pmem contents.\n\nFix both of these issues by aligning copy_pos/copy_len to a page\nboundary (remember, this is fsdax so 1 fsblock == 1 base page) so that\nwe always copy full blocks.\n\nWe're not done yet -- there's no call to invalidate_inode_pages2_range,\nso programs that have the file range mmap'd will continue accessing the\nold memory mapping after the file metadata updates have completed.\n\nBe careful with the return value -- if the unshare succeeds, we still\nneed to return the number of bytes that the iomap iter thinks we're\noperating on.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50250", url: "https://www.suse.com/security/cve/CVE-2024-50250", }, { category: "external", summary: "SUSE Bug 1233226 for CVE-2024-50250", url: "https://bugzilla.suse.com/1233226", }, { category: "external", summary: "SUSE Bug 1233227 for CVE-2024-50250", url: "https://bugzilla.suse.com/1233227", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50250", }, { cve: "CVE-2024-50251", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50251", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50251", url: "https://www.suse.com/security/cve/CVE-2024-50251", }, { category: "external", summary: "SUSE Bug 1233248 for CVE-2024-50251", url: "https://bugzilla.suse.com/1233248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50251", }, { cve: "CVE-2024-50252", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50252", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address\n\nThe device stores IPv6 addresses that are used for encapsulation in\nlinear memory that is managed by the driver.\n\nChanging the remote address of an ip6gre net device never worked\nproperly, but since cited commit the following reproducer [1] would\nresult in a warning [2] and a memory leak [3]. The problem is that the\nnew remote address is never added by the driver to its hash table (and\ntherefore the device) and the old address is never removed from it.\n\nFix by programming the new address when the configuration of the ip6gre\nnet device changes and removing the old one. If the address did not\nchange, then the above would result in increasing the reference count of\nthe address and then decreasing it.\n\n[1]\n # ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos inherit ttl inherit\n # ip link set dev bla type ip6gre remote 2001:db8:3::1\n # ip link del dev bla\n # devlink dev reload pci/0000:01:00.0\n\n[2]\nWARNING: CPU: 0 PID: 1682 at drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0\nModules linked in:\nCPU: 0 UID: 0 PID: 1682 Comm: ip Not tainted 6.12.0-rc3-custom-g86b5b55bc835 #151\nHardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023\nRIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0\n[...]\nCall Trace:\n <TASK>\n mlxsw_sp_router_netdevice_event+0x55f/0x1240\n notifier_call_chain+0x5a/0xd0\n call_netdevice_notifiers_info+0x39/0x90\n unregister_netdevice_many_notify+0x63e/0x9d0\n rtnl_dellink+0x16b/0x3a0\n rtnetlink_rcv_msg+0x142/0x3f0\n netlink_rcv_skb+0x50/0x100\n netlink_unicast+0x242/0x390\n netlink_sendmsg+0x1de/0x420\n ____sys_sendmsg+0x2bd/0x320\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xd0\n do_syscall_64+0x9e/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[3]\nunreferenced object 0xffff898081f597a0 (size 32):\n comm \"ip\", pid 1626, jiffies 4294719324\n hex dump (first 32 bytes):\n 20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01 ...............\n 21 49 61 83 80 89 ff ff 00 00 00 00 01 00 00 00 !Ia.............\n backtrace (crc fd9be911):\n [<00000000df89c55d>] __kmalloc_cache_noprof+0x1da/0x260\n [<00000000ff2a1ddb>] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340\n [<000000009ddd445d>] mlxsw_sp_router_netdevice_event+0x47b/0x1240\n [<00000000743e7757>] notifier_call_chain+0x5a/0xd0\n [<000000007c7b9e13>] call_netdevice_notifiers_info+0x39/0x90\n [<000000002509645d>] register_netdevice+0x5f7/0x7a0\n [<00000000c2e7d2a9>] ip6gre_newlink_common.isra.0+0x65/0x130\n [<0000000087cd6d8d>] ip6gre_newlink+0x72/0x120\n [<000000004df7c7cc>] rtnl_newlink+0x471/0xa20\n [<0000000057ed632a>] rtnetlink_rcv_msg+0x142/0x3f0\n [<0000000032e0d5b5>] netlink_rcv_skb+0x50/0x100\n [<00000000908bca63>] netlink_unicast+0x242/0x390\n [<00000000cdbe1c87>] netlink_sendmsg+0x1de/0x420\n [<0000000011db153e>] ____sys_sendmsg+0x2bd/0x320\n [<000000003b6d53eb>] ___sys_sendmsg+0x9a/0xe0\n [<00000000cae27c62>] __sys_sendmsg+0x7a/0xd0", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50252", url: "https://www.suse.com/security/cve/CVE-2024-50252", }, { category: "external", summary: "SUSE Bug 1233201 for CVE-2024-50252", url: "https://bugzilla.suse.com/1233201", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50252", }, { cve: "CVE-2024-50253", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50253", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check the validity of nr_words in bpf_iter_bits_new()\n\nCheck the validity of nr_words in bpf_iter_bits_new(). Without this\ncheck, when multiplication overflow occurs for nr_bits (e.g., when\nnr_words = 0x0400-0001, nr_bits becomes 64), stack corruption may occur\ndue to bpf_probe_read_kernel_common(..., nr_bytes = 0x2000-0008).\n\nFix it by limiting the maximum value of nr_words to 511. The value is\nderived from the current implementation of BPF memory allocator. To\nensure compatibility if the BPF memory allocator's size limitation\nchanges in the future, use the helper bpf_mem_alloc_check_size() to\ncheck whether nr_bytes is too larger. And return -E2BIG instead of\n-ENOMEM for oversized nr_bytes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50253", url: "https://www.suse.com/security/cve/CVE-2024-50253", }, { category: "external", summary: "SUSE Bug 1233186 for CVE-2024-50253", url: "https://bugzilla.suse.com/1233186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50253", }, { cve: "CVE-2024-50254", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50254", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Free dynamically allocated bits in bpf_iter_bits_destroy()\n\nbpf_iter_bits_destroy() uses \"kit->nr_bits <= 64\" to check whether the\nbits are dynamically allocated. However, the check is incorrect and may\ncause a kmemleak as shown below:\n\nunreferenced object 0xffff88812628c8c0 (size 32):\n comm \"swapper/0\", pid 1, jiffies 4294727320\n hex dump (first 32 bytes):\n\tb0 c1 55 f5 81 88 ff ff f0 f0 f0 f0 f0 f0 f0 f0 ..U...........\n\tf0 f0 f0 f0 f0 f0 f0 f0 00 00 00 00 00 00 00 00 ..............\n backtrace (crc 781e32cc):\n\t[<00000000c452b4ab>] kmemleak_alloc+0x4b/0x80\n\t[<0000000004e09f80>] __kmalloc_node_noprof+0x480/0x5c0\n\t[<00000000597124d6>] __alloc.isra.0+0x89/0xb0\n\t[<000000004ebfffcd>] alloc_bulk+0x2af/0x720\n\t[<00000000d9c10145>] prefill_mem_cache+0x7f/0xb0\n\t[<00000000ff9738ff>] bpf_mem_alloc_init+0x3e2/0x610\n\t[<000000008b616eac>] bpf_global_ma_init+0x19/0x30\n\t[<00000000fc473efc>] do_one_initcall+0xd3/0x3c0\n\t[<00000000ec81498c>] kernel_init_freeable+0x66a/0x940\n\t[<00000000b119f72f>] kernel_init+0x20/0x160\n\t[<00000000f11ac9a7>] ret_from_fork+0x3c/0x70\n\t[<0000000004671da4>] ret_from_fork_asm+0x1a/0x30\n\nThat is because nr_bits will be set as zero in bpf_iter_bits_next()\nafter all bits have been iterated.\n\nFix the issue by setting kit->bit to kit->nr_bits instead of setting\nkit->nr_bits to zero when the iteration completes in\nbpf_iter_bits_next(). In addition, use \"!nr_bits || bits >= nr_bits\" to\ncheck whether the iteration is complete and still use \"nr_bits > 64\" to\nindicate whether bits are dynamically allocated. The \"!nr_bits\" check is\nnecessary because bpf_iter_bits_new() may fail before setting\nkit->nr_bits, and this condition will stop the iteration early instead\nof accessing the zeroed or freed kit->bits.\n\nConsidering the initial value of kit->bits is -1 and the type of\nkit->nr_bits is unsigned int, change the type of kit->nr_bits to int.\nThe potential overflow problem will be handled in the following patch.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50254", url: "https://www.suse.com/security/cve/CVE-2024-50254", }, { category: "external", summary: "SUSE Bug 1233183 for CVE-2024-50254", url: "https://bugzilla.suse.com/1233183", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50254", }, { cve: "CVE-2024-50255", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50255", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs\n\nFix __hci_cmd_sync_sk() to return not NULL for unknown opcodes.\n\n__hci_cmd_sync_sk() returns NULL if a command returns a status event.\nHowever, it also returns NULL where an opcode doesn't exist in the\nhci_cc table because hci_cmd_complete_evt() assumes status = skb->data[0]\nfor unknown opcodes.\nThis leads to null-ptr-deref in cmd_sync for HCI_OP_READ_LOCAL_CODECS as\nthere is no hci_cc for HCI_OP_READ_LOCAL_CODECS, which always assumes\nstatus = skb->data[0].\n\nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]\nCPU: 1 PID: 2000 Comm: kworker/u9:5 Not tainted 6.9.0-ga6bcb805883c-dirty #10\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: hci7 hci_power_on\nRIP: 0010:hci_read_supported_codecs+0xb9/0x870 net/bluetooth/hci_codec.c:138\nCode: 08 48 89 ef e8 b8 c1 8f fd 48 8b 75 00 e9 96 00 00 00 49 89 c6 48 ba 00 00 00 00 00 fc ff df 4c 8d 60 70 4c 89 e3 48 c1 eb 03 <0f> b6 04 13 84 c0 0f 85 82 06 00 00 41 83 3c 24 02 77 0a e8 bf 78\nRSP: 0018:ffff888120bafac8 EFLAGS: 00010212\nRAX: 0000000000000000 RBX: 000000000000000e RCX: ffff8881173f0040\nRDX: dffffc0000000000 RSI: ffffffffa58496c0 RDI: ffff88810b9ad1e4\nRBP: ffff88810b9ac000 R08: ffffffffa77882a7 R09: 1ffffffff4ef1054\nR10: dffffc0000000000 R11: fffffbfff4ef1055 R12: 0000000000000070\nR13: 0000000000000000 R14: 0000000000000000 R15: ffff88810b9ac000\nFS: 0000000000000000(0000) GS:ffff8881f6c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f6ddaa3439e CR3: 0000000139764003 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n <TASK>\n hci_read_local_codecs_sync net/bluetooth/hci_sync.c:4546 [inline]\n hci_init_stage_sync net/bluetooth/hci_sync.c:3441 [inline]\n hci_init4_sync net/bluetooth/hci_sync.c:4706 [inline]\n hci_init_sync net/bluetooth/hci_sync.c:4742 [inline]\n hci_dev_init_sync net/bluetooth/hci_sync.c:4912 [inline]\n hci_dev_open_sync+0x19a9/0x2d30 net/bluetooth/hci_sync.c:4994\n hci_dev_do_open net/bluetooth/hci_core.c:483 [inline]\n hci_power_on+0x11e/0x560 net/bluetooth/hci_core.c:1015\n process_one_work kernel/workqueue.c:3267 [inline]\n process_scheduled_works+0x8ef/0x14f0 kernel/workqueue.c:3348\n worker_thread+0x91f/0xe50 kernel/workqueue.c:3429\n kthread+0x2cb/0x360 kernel/kthread.c:388\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50255", url: "https://www.suse.com/security/cve/CVE-2024-50255", }, { category: "external", summary: "SUSE Bug 1233238 for CVE-2024-50255", url: "https://bugzilla.suse.com/1233238", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50255", }, { cve: "CVE-2024-50256", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50256", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()\n\nI got a syzbot report without a repro [1] crashing in nf_send_reset6()\n\nI think the issue is that dev->hard_header_len is zero, and we attempt\nlater to push an Ethernet header.\n\nUse LL_MAX_HEADER, as other functions in net/ipv6/netfilter/nf_reject_ipv6.c.\n\n[1]\n\nskbuff: skb_under_panic: text:ffffffff89b1d008 len:74 put:14 head:ffff88803123aa00 data:ffff88803123a9f2 tail:0x3c end:0x140 dev:syz_tun\n kernel BUG at net/core/skbuff.c:206 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 7373 Comm: syz.1.568 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]\n RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216\nCode: 0d 8d 48 c7 c6 60 a6 29 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 ba 30 38 02 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3\nRSP: 0018:ffffc900045269b0 EFLAGS: 00010282\nRAX: 0000000000000088 RBX: dffffc0000000000 RCX: cd66dacdc5d8e800\nRDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000\nRBP: ffff88802d39a3d0 R08: ffffffff8174afec R09: 1ffff920008a4ccc\nR10: dffffc0000000000 R11: fffff520008a4ccd R12: 0000000000000140\nR13: ffff88803123aa00 R14: ffff88803123a9f2 R15: 000000000000003c\nFS: 00007fdbee5ff6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 000000005d322000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n skb_push+0xe5/0x100 net/core/skbuff.c:2636\n eth_header+0x38/0x1f0 net/ethernet/eth.c:83\n dev_hard_header include/linux/netdevice.h:3208 [inline]\n nf_send_reset6+0xce6/0x1270 net/ipv6/netfilter/nf_reject_ipv6.c:358\n nft_reject_inet_eval+0x3b9/0x690 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x418/0x6b0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n br_nf_pre_routing_ipv6+0x63e/0x770 net/bridge/br_netfilter_ipv6.c:184\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_bridge_pre net/bridge/br_input.c:277 [inline]\n br_handle_frame+0x9fd/0x1530 net/bridge/br_input.c:424\n __netif_receive_skb_core+0x13e8/0x4570 net/core/dev.c:5562\n __netif_receive_skb_one_core net/core/dev.c:5666 [inline]\n __netif_receive_skb+0x12f/0x650 net/core/dev.c:5781\n netif_receive_skb_internal net/core/dev.c:5867 [inline]\n netif_receive_skb+0x1e8/0x890 net/core/dev.c:5926\n tun_rx_batched+0x1b7/0x8f0 drivers/net/tun.c:1550\n tun_get_user+0x3056/0x47e0 drivers/net/tun.c:2007\n tun_chr_write_iter+0x10d/0x1f0 drivers/net/tun.c:2053\n new_sync_write fs/read_write.c:590 [inline]\n vfs_write+0xa6d/0xc90 fs/read_write.c:683\n ksys_write+0x183/0x2b0 fs/read_write.c:736\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fdbeeb7d1ff\nCode: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48\nRSP: 002b:00007fdbee5ff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fdbeed36058 RCX: 00007fdbeeb7d1ff\nRDX: 000000000000008e RSI: 0000000020000040 RDI: 00000000000000c8\nRBP: 00007fdbeebf12be R08: 0000000\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50256", url: "https://www.suse.com/security/cve/CVE-2024-50256", }, { category: "external", summary: "SUSE Bug 1233200 for CVE-2024-50256", url: "https://bugzilla.suse.com/1233200", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50256", }, { cve: "CVE-2024-50257", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50257", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: Fix use-after-free in get_info()\n\nip6table_nat module unload has refcnt warning for UAF. call trace is:\n\nWARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80\nModules linked in: ip6table_nat(-)\nCPU: 1 UID: 0 PID: 379 Comm: ip6tables Not tainted 6.12.0-rc4-00047-gc2ee9f594da8-dirty #205\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:module_put+0x6f/0x80\nCall Trace:\n <TASK>\n get_info+0x128/0x180\n do_ip6t_get_ctl+0x6a/0x430\n nf_getsockopt+0x46/0x80\n ipv6_getsockopt+0xb9/0x100\n rawv6_getsockopt+0x42/0x190\n do_sock_getsockopt+0xaa/0x180\n __sys_getsockopt+0x70/0xc0\n __x64_sys_getsockopt+0x20/0x30\n do_syscall_64+0xa2/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nConcurrent execution of module unload and get_info() trigered the warning.\nThe root cause is as follows:\n\ncpu0\t\t\t\t cpu1\nmodule_exit\n//mod->state = MODULE_STATE_GOING\n ip6table_nat_exit\n xt_unregister_template\n\tkfree(t)\n\t//removed from templ_list\n\t\t\t\t getinfo()\n\t\t\t\t\t t = xt_find_table_lock\n\t\t\t\t\t\tlist_for_each_entry(tmpl, &xt_templates[af]...)\n\t\t\t\t\t\t\tif (strcmp(tmpl->name, name))\n\t\t\t\t\t\t\t\tcontinue; //table not found\n\t\t\t\t\t\t\ttry_module_get\n\t\t\t\t\t\tlist_for_each_entry(t, &xt_net->tables[af]...)\n\t\t\t\t\t\t\treturn t; //not get refcnt\n\t\t\t\t\t module_put(t->me) //uaf\n unregister_pernet_subsys\n //remove table from xt_net list\n\nWhile xt_table module was going away and has been removed from\nxt_templates list, we couldnt get refcnt of xt_table->me. Check\nmodule in xt_net->tables list re-traversal to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50257", url: "https://www.suse.com/security/cve/CVE-2024-50257", }, { category: "external", summary: "SUSE Bug 1233244 for CVE-2024-50257", url: "https://bugzilla.suse.com/1233244", }, { category: "external", summary: "SUSE Bug 1233245 for CVE-2024-50257", url: "https://bugzilla.suse.com/1233245", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50257", }, { cve: "CVE-2024-50258", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50258", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix crash when config small gso_max_size/gso_ipv4_max_size\n\nConfig a small gso_max_size/gso_ipv4_max_size will lead to an underflow\nin sk_dst_gso_max_size(), which may trigger a BUG_ON crash,\nbecause sk->sk_gso_max_size would be much bigger than device limits.\nCall Trace:\ntcp_write_xmit\n tso_segs = tcp_init_tso_segs(skb, mss_now);\n tcp_set_skb_tso_segs\n tcp_skb_pcount_set\n // skb->len = 524288, mss_now = 8\n // u16 tso_segs = 524288/8 = 65535 -> 0\n tso_segs = DIV_ROUND_UP(skb->len, mss_now)\n BUG_ON(!tso_segs)\nAdd check for the minimum value of gso_max_size and gso_ipv4_max_size.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50258", url: "https://www.suse.com/security/cve/CVE-2024-50258", }, { category: "external", summary: "SUSE Bug 1233221 for CVE-2024-50258", url: "https://bugzilla.suse.com/1233221", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50258", }, { cve: "CVE-2024-50259", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50259", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()\n\nThis was found by a static analyzer.\nWe should not forget the trailing zero after copy_from_user()\nif we will further do some string operations, sscanf() in this\ncase. Adding a trailing zero will ensure that the function\nperforms properly.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50259", url: "https://www.suse.com/security/cve/CVE-2024-50259", }, { category: "external", summary: "SUSE Bug 1233214 for CVE-2024-50259", url: "https://bugzilla.suse.com/1233214", }, { category: "external", summary: "SUSE Bug 1233215 for CVE-2024-50259", url: "https://bugzilla.suse.com/1233215", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50259", }, { cve: "CVE-2024-50260", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50260", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsock_map: fix a NULL pointer dereference in sock_map_link_update_prog()\n\nThe following race condition could trigger a NULL pointer dereference:\n\nsock_map_link_detach():\t\tsock_map_link_update_prog():\n mutex_lock(&sockmap_mutex);\n ...\n sockmap_link->map = NULL;\n mutex_unlock(&sockmap_mutex);\n \t\t\t\t mutex_lock(&sockmap_mutex);\n\t\t\t\t ...\n\t\t\t\t sock_map_prog_link_lookup(sockmap_link->map);\n\t\t\t\t mutex_unlock(&sockmap_mutex);\n <continue>\n\nFix it by adding a NULL pointer check. In this specific case, it makes\nno sense to update a link which is being released.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50260", url: "https://www.suse.com/security/cve/CVE-2024-50260", }, { category: "external", summary: "SUSE Bug 1233178 for CVE-2024-50260", url: "https://bugzilla.suse.com/1233178", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50260", }, { cve: "CVE-2024-50261", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50261", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmacsec: Fix use-after-free while sending the offloading packet\n\nKASAN reports the following UAF. The metadata_dst, which is used to\nstore the SCI value for macsec offload, is already freed by\nmetadata_dst_free() in macsec_free_netdev(), while driver still use it\nfor sending the packet.\n\nTo fix this issue, dst_release() is used instead to release\nmetadata_dst. So it is not freed instantly in macsec_free_netdev() if\nstill referenced by skb.\n\n BUG: KASAN: slab-use-after-free in mlx5e_xmit+0x1e8f/0x4190 [mlx5_core]\n Read of size 2 at addr ffff88813e42e038 by task kworker/7:2/714\n [...]\n Workqueue: mld mld_ifc_work\n Call Trace:\n <TASK>\n dump_stack_lvl+0x51/0x60\n print_report+0xc1/0x600\n kasan_report+0xab/0xe0\n mlx5e_xmit+0x1e8f/0x4190 [mlx5_core]\n dev_hard_start_xmit+0x120/0x530\n sch_direct_xmit+0x149/0x11e0\n __qdisc_run+0x3ad/0x1730\n __dev_queue_xmit+0x1196/0x2ed0\n vlan_dev_hard_start_xmit+0x32e/0x510 [8021q]\n dev_hard_start_xmit+0x120/0x530\n __dev_queue_xmit+0x14a7/0x2ed0\n macsec_start_xmit+0x13e9/0x2340\n dev_hard_start_xmit+0x120/0x530\n __dev_queue_xmit+0x14a7/0x2ed0\n ip6_finish_output2+0x923/0x1a70\n ip6_finish_output+0x2d7/0x970\n ip6_output+0x1ce/0x3a0\n NF_HOOK.constprop.0+0x15f/0x190\n mld_sendpack+0x59a/0xbd0\n mld_ifc_work+0x48a/0xa80\n process_one_work+0x5aa/0xe50\n worker_thread+0x79c/0x1290\n kthread+0x28f/0x350\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x11/0x20\n </TASK>\n\n Allocated by task 3922:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0x77/0x90\n __kmalloc_noprof+0x188/0x400\n metadata_dst_alloc+0x1f/0x4e0\n macsec_newlink+0x914/0x1410\n __rtnl_newlink+0xe08/0x15b0\n rtnl_newlink+0x5f/0x90\n rtnetlink_rcv_msg+0x667/0xa80\n netlink_rcv_skb+0x12c/0x360\n netlink_unicast+0x551/0x770\n netlink_sendmsg+0x72d/0xbd0\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x52e/0x6a0\n ___sys_sendmsg+0xeb/0x170\n __sys_sendmsg+0xb5/0x140\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n Freed by task 4011:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x50\n poison_slab_object+0x10c/0x190\n __kasan_slab_free+0x11/0x30\n kfree+0xe0/0x290\n macsec_free_netdev+0x3f/0x140\n netdev_run_todo+0x450/0xc70\n rtnetlink_rcv_msg+0x66f/0xa80\n netlink_rcv_skb+0x12c/0x360\n netlink_unicast+0x551/0x770\n netlink_sendmsg+0x72d/0xbd0\n __sock_sendmsg+0xc5/0x190\n ____sys_sendmsg+0x52e/0x6a0\n ___sys_sendmsg+0xeb/0x170\n __sys_sendmsg+0xb5/0x140\n do_syscall_64+0x4c/0x100\n entry_SYSCALL_64_after_hwframe+0x4b/0x53", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50261", url: "https://www.suse.com/security/cve/CVE-2024-50261", }, { category: "external", summary: "SUSE Bug 1233253 for CVE-2024-50261", url: "https://bugzilla.suse.com/1233253", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "important", }, ], title: "CVE-2024-50261", }, { cve: "CVE-2024-50262", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50262", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix out-of-bounds write in trie_get_next_key()\n\ntrie_get_next_key() allocates a node stack with size trie->max_prefixlen,\nwhile it writes (trie->max_prefixlen + 1) nodes to the stack when it has\nfull paths from the root to leaves. For example, consider a trie with\nmax_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ...\n0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with\n.prefixlen = 8 make 9 nodes be written on the node stack with size 8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50262", url: "https://www.suse.com/security/cve/CVE-2024-50262", }, { category: "external", summary: "SUSE Bug 1233239 for CVE-2024-50262", url: "https://bugzilla.suse.com/1233239", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50262", }, { cve: "CVE-2024-50263", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50263", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfork: only invoke khugepaged, ksm hooks if no error\n\nThere is no reason to invoke these hooks early against an mm that is in an\nincomplete state.\n\nThe change in commit d24062914837 (\"fork: use __mt_dup() to duplicate\nmaple tree in dup_mmap()\") makes this more pertinent as we may be in a\nstate where entries in the maple tree are not yet consistent.\n\nTheir placement early in dup_mmap() only appears to have been meaningful\nfor early error checking, and since functionally it'd require a very small\nallocation to fail (in practice 'too small to fail') that'd only occur in\nthe most dire circumstances, meaning the fork would fail or be OOM'd in\nany case.\n\nSince both khugepaged and KSM tracking are there to provide optimisations\nto memory performance rather than critical functionality, it doesn't\nreally matter all that much if, under such dire memory pressure, we fail\nto register an mm with these.\n\nAs a result, we follow the example of commit d2081b2bf819 (\"mm:\nkhugepaged: make khugepaged_enter() void function\") and make ksm_fork() a\nvoid function also.\n\nWe only expose the mm to these functions once we are done with them and\nonly if no error occurred in the fork operation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50263", url: "https://www.suse.com/security/cve/CVE-2024-50263", }, { category: "external", summary: "SUSE Bug 1233254 for CVE-2024-50263", url: "https://bugzilla.suse.com/1233254", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-devel-longterm-6.12.11-1.1.x86_64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.aarch64", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.ppc64le", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.s390x", "openSUSE Tumbleweed:kernel-source-longterm-6.12.11-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-28T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-50263", }, ], }
ghsa-jfp4-pv53-rv88
Vulnerability from github
Published
2024-11-07 12:30
Modified
2024-11-13 15:31
Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix possible double free in smb2_set_ea()
Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. 1304 | kfree(ea); | ^~~~~~~~~
There is a double free in such case: 'ea is initialized to NULL' -> 'first successful memory allocation for ea' -> 'something failed, goto sea_exit' -> 'first memory release for ea' -> 'goto replay_again' -> 'second goto sea_exit before allocate memory for ea' -> 'second memory release for ea resulted in double free'.
Re-initialie 'ea' to NULL near to the replay_again label, it can fix this double free problem.
{ affected: [], aliases: [ "CVE-2024-50152", ], database_specific: { cwe_ids: [ "CWE-415", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2024-11-07T10:15:06Z", severity: "MODERATE", }, details: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n'ea is initialized to NULL' -> 'first successful memory allocation for\nea' -> 'something failed, goto sea_exit' -> 'first memory release for ea'\n-> 'goto replay_again' -> 'second goto sea_exit before allocate memory\nfor ea' -> 'second memory release for ea resulted in double free'.\n\nRe-initialie 'ea' to NULL near to the replay_again label, it can fix this\ndouble free problem.", id: "GHSA-jfp4-pv53-rv88", modified: "2024-11-13T15:31:37Z", published: "2024-11-07T12:30:35Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-50152", }, { type: "WEB", url: "https://git.kernel.org/stable/c/19ebc1e6cab334a8193398d4152deb76019b5d34", }, { type: "WEB", url: "https://git.kernel.org/stable/c/b1813c220b76f60b1727984794377c4aa849d4c1", }, { type: "WEB", url: "https://git.kernel.org/stable/c/c9f758ecf2562dfdd4adf12c22921b5de8366123", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.