Vulnerability from csaf_suse
Published
2024-10-08 15:10
Modified
2024-10-08 15:10
Summary
Security update for the Linux Kernel

Notes

Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 CoCo kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269). - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340). - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629). - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885). - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890). - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819). - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507). - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004). - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380). - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764). - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790). - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209). - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211). - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240). - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192). - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193). - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194). - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195). - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233). - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169). - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430). - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431). - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432). - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 (bsc#1230435). - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455). - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451). - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457). - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506). - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549). - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556). - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517). - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() (bsc#1230518). - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526). - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520). - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521). - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540). - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719). - CVE-2024-46727: Fixed NULL pointer dereference in resource_log_pipe_topology_update (bsc#1230707). - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704). - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727). - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756). - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786). - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794). - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796). - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772). - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810). - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815). - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825). - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120). The following non-security bugs were fixed: - ABI: testing: fix admv8818 attr description (git-fixes). - ACPI: CPPC: Add helper to get the highest performance value (stable-fixes). - ACPI: CPPC: Fix MASK_VAL() usage (git-fixes). - ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes). - ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes). - ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes). - ACPI: sysfs: validate return type of _STR method (git-fixes). - afs: Do not cross .backup mountpoint from backup volume (git-fixes). - afs: Revert 'afs: Hide silly-rename files from userspace' (git-fixes). - ALSA: control: Apply sanity check of input values for user elements (stable-fixes). - ALSA: hda: add HDMI codec ID for Intel PTL (stable-fixes). - ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes). - ALSA: hda: cs35l41: fix module autoloading (git-fixes). - arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes). - arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes (git-fixes). - arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB (git-fixes). - arm64: dts: imx8-ss-dma: Fix adc0 closing brace location (git-fixes). - arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes). - arm64: dts: rockchip: Correct vendor prefix for Hardkernel ODROID-M1 (git-fixes). - arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma (git-fixes). - arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes). - arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes). - arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes). - arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585) - arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585) - arm64: signal: Fix some under-bracketed UAPI macros (git-fixes). - arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585) - arm64: tlb: Fix TLBI RANGE operand (bsc#1229585) - arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585) - ARM: 9406/1: Fix callchain_trace() return value (git-fixes). - ASoC: amd: yc: Add a quirk for MSI Bravo 17 (D7VEK) (stable-fixes). - ASoC: codecs: avoid possible garbage value in peb2466_reg_read() (git-fixes). - ASoC: cs42l42: Convert comma to semicolon (git-fixes). - ASoC: intel: fix module autoloading (stable-fixes). - ASoC: Intel: soc-acpi-cht: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes). - ASoC: meson: axg-card: fix 'use-after-free' (git-fixes). - ASoC: meson: Remove unused declartion in header file (git-fixes). - ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes). - ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes). - ASoC: soc-ac97: Fix the incorrect description (git-fixes). - ASoC: tas2781-i2c: Get the right GPIO line (git-fixes). - ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially broken alignment (stable-fixes). - ASoC: tda7419: fix module autoloading (stable-fixes). - ASoC: topology: Properly initialize soc_enum values (stable-fixes). - ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data (git-fixes). - ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes). - ata: libata-scsi: Fix ata_msense_control() CDL page reporting (git-fixes). - ata: pata_macio: Use WARN instead of BUG (stable-fixes). - blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600). - blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600). - Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() (stable-fixes). - Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes). - Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes). - Bluetooth: hci_event: Use HCI error defines instead of magic values (stable-fixes). - Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue (stable-fixes). - Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes). - bpf, events: Use prog to emit ksymbol event for main program (git-fixes). - bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() (git-fixes). - btrfs: fix race between direct IO write and fsync when using same fd (git-fixes). - btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1230854). - bus: integrator-lm: fix OF node leak in probe() (git-fixes). - cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231008). - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes). - can: j1939: use correct function name in comment (git-fixes). - can: kvaser_pciefd: Skip redundant NULL pointer check in ISR (stable-fixes). - can: m_can: enable NAPI before enabling interrupts (git-fixes). - can: m_can: m_can_close(): stop clocks after device has been shut down (git-fixes). - can: mcp251xfd: clarify the meaning of timestamp (stable-fixes). - can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function (stable-fixes). - can: mcp251xfd: mcp251xfd_ring_init(): check TX-coalescing configuration (stable-fixes). - can: mcp251xfd: move mcp251xfd_timestamp_start()/stop() into mcp251xfd_chip_start/stop() (stable-fixes). - can: mcp251xfd: properly indent labels (stable-fixes). - can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes). - can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum (stable-fixes). - clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885). - clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885). - clk: ti: dra7-atl: Fix leak of of_nodes (git-fixes). - clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() (git-fixes). - cpufreq: amd-pstate: Enable amd-pstate preferred core support (stable-fixes). - cpufreq: amd-pstate: fix the highest frequency issue which limits performance (git-fixes). - cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes). - crypto: ccp - do not request interrupt on cmd completion when irqs disabled (git-fixes). - crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes). - crypto: iaa - Fix potential use after free bug (git-fixes). - crypto: qat - fix unintentional re-enabling of error interrupts (stable-fixes). - crypto: xor - fix template benchmarking (git-fixes). - cxl/core: Fix incorrect vendor debug UUID define (git-fixes). - cxl/pci: Fix to record only non-zero ranges (git-fixes). - Detect memory allocation failure in annotated_source__alloc_histograms (bsc#1227962). - devres: Initialize an uninitialized struct member (stable-fixes). - dma-buf: heaps: Fix off-by-one in CMA heap fault handler (git-fixes). - Documentation: ioctl: document 0x07 ioctl code (git-fixes). - driver core: Fix a potential null-ptr-deref in module_add_driver() (git-fixes). - driver core: Fix error handling in driver API device_rename() (git-fixes). - drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes). - Drivers: hv: vmbus: Fix the misplaced function description (git-fixes). - drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes). - drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes). - drm/amd: Add gfx12 swizzle mode defs (stable-fixes). - drm/amd/amdgpu: Properly tune the size of struct (git-fixes). - drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (git-fixes). - drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() (git-fixes). - drm/amd/display: Check denominator pbn_div before used (stable-fixes). - drm/amd/display: Check HDCP returned status (stable-fixes). - drm/amd/display: Check UnboundedRequestEnabled's value (stable-fixes). - drm/amd/display: Defer handling mst up request in resume (stable-fixes). - drm/amd/display: Disable error correction if it's not supported (stable-fixes). - drm/amd/display: Fix FEC_READY write on DP LT (stable-fixes). - drm/amd/display: handle nulled pipe context in DCE110's set_drr() (git-fixes). - drm/amd/display: Run DC_LOG_DC after checking link->link_enc (stable-fixes). - drm/amd/display: Solve mst monitors blank out problem after resume (git-fixes). - drm/amdgpu: add missing error handling in function amdgpu_gmc_flush_gpu_tlb_pasid (stable-fixes). - drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes). - drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes). - drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes). - drm/amdgpu/display: handle gfx12 in amdgpu_dm_plane_format_mod_supported (stable-fixes). - drm/amdgpu: fix a possible null pointer dereference (git-fixes). - drm/amdgpu: Fix get each xcp macro (git-fixes). - drm/amdgpu: Fix smatch static checker warning (stable-fixes). - drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes (stable-fixes). - drm/amdgpu: properly handle vbios fake edid sizing (git-fixes). - drm/amdgpu: reject gang submit on reserved VMIDs (stable-fixes). - drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes). - drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes). - drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes). - drm: komeda: Fix an issue related to normalized zpos (stable-fixes). - drm/mediatek: ovl_adaptor: Add missing of_node_put() (git-fixes). - drm/mediatek: Set sensible cursor width/height values to fix crash (stable-fixes). - drm/msm/a5xx: disable preemption in submits by default (git-fixes). - drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes). - drm/msm/a5xx: properly clear preemption records on resume (git-fixes). - drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes). - drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes). - drm/msm/dsi: correct programming sequence for SM8350 / SM8450 (git-fixes). - drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes). - drm/msm: fix %s null argument error (git-fixes). - drm/nouveau/fb: restore init() for ramgp102 (git-fixes). - drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes). - drm: panel-orientation-quirks: Add quirk for Ayn Loki Max (stable-fixes). - drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero (stable-fixes). - drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes). - drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes). - drm/radeon: properly handle vbios fake edid sizing (git-fixes). - drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes). - drm/rockchip: vop: Allow 4096px width scaling (git-fixes). - drm/rockchip: vop: clear DMA stop bit on RK3066 (git-fixes). - drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 (git-fixes). - drm/stm: Fix an error handling path in stm_drm_platform_probe() (git-fixes). - drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes). - drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl (git-fixes). - drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get (git-fixes). - Drop soundwire patch that caused a regression (bsc#1230350) - ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() (git-fixes). - erofs: fix incorrect symlink detection in fast symlink (git-fixes). - exfat: fix memory leak in exfat_load_bitmap() (git-fixes). - fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes). - firmware: arm_scmi: Fix double free in OPTEE transport (git-fixes). - firmware_loader: Block path traversal (git-fixes). - firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes). - fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230602). - HID: amd_sfh: free driver_data after destroying hid device (stable-fixes). - HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes). - HID: multitouch: Add support for GT7868Q (stable-fixes). - HID: wacom: Do not warn about dropped packets for first packet (git-fixes). - HID: wacom: Support sequence numbers smaller than 16-bit (git-fixes). - hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (asus-ec-sensors) remove VRM temp X570-E GAMING (stable-fixes). - hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (max16065) Fix overflows seen when writing limits (git-fixes). - hwmon: (nct6775-core) Fix underflows seen when writing limit attributes (stable-fixes). - hwmon: (ntc_thermistor) fix module autoloading (git-fixes). - hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 (git-fixes). - hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes). - hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes). - hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes). - hwrng: mtk - Use devm_pm_runtime_enable (git-fixes). - i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled (git-fixes). - i2c: isch: Add missed 'else' (git-fixes). - i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes). - i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition (git-fixes). - i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes). - IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes) - iio: adc: ad7606: fix oversampling gpio array (git-fixes). - iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes). - iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes). - iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes). - Input: adp5588-keys - fix check on return code (git-fixes). - Input: ads7846 - ratelimit the spi_sync error message (stable-fixes). - Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes). - Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). - Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes). - Input: tsc2004/5 - do not hard code interrupt trigger (git-fixes). - Input: tsc2004/5 - fix reset handling on probe (git-fixes). - Input: tsc2004/5 - use device core to create driver-specific device attributes (git-fixes). - Input: uinput - reject requests with unreasonable number of slots (stable-fixes). - ipmi: docs: do not advertise deprecated sysfs entries (git-fixes). - ipmi:ssif: Improve detecting during probing (bsc#1228771) - ipmi:ssif: Improve detecting during probing (bsc#1228771) - jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes). - kABI workaround for cros_ec stuff (git-fixes). - KEYS: prevent NULL pointer dereference in find_asymmetric_key() (git-fixes). - kselftests: dmabuf-heaps: Ensure the driver name is null-terminated (stable-fixes). - kthread: Fix task state in kthread worker if being frozen (bsc#1231146). - KVM: arm64: Block unsafe FF-A calls from the host (git-fixes). - KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging (git-fixes). - KVM: arm64: Do not pass a TLBI level hint when zapping table entries (git-fixes). - KVM: arm64: Do not re-initialize the KVM lock (git-fixes). - KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes). - KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (git-fixes). - KVM: arm64: nvhe: Ignore SVE hint in SMCCC function ID (git-fixes). - KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes). - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes). - KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes). - KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes). - KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (git-fixes). - leds: spi-byte: Call of_node_put() on error path (stable-fixes). - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (stable-fixes). - lirc: rc_dev_get_from_fd(): fix file leak (git-fixes). - mailbox: bcm2835: Fix timeout during suspend mode (git-fixes). - mailbox: rockchip: fix a typo in module autoloading (git-fixes). - media: i2c: ar0521: Use cansleep version of gpiod_set_value() (git-fixes). - media: ov5675: Fix power on/off delay timings (git-fixes). - media: platform: rzg2l-cru: rzg2l-csi2: Add missing MODULE_DEVICE_TABLE (git-fixes). - media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes). - media: qcom: camss: Remove use_count guard in stop_streaming (git-fixes). - media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes). - media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes). - media: venus: fix use after free bug in venus_remove due to race condition (git-fixes). - media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes). - media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes). - media: vivid: fix wrong sizeimage value for mplane (stable-fixes). - memory: mtk-smi: Use devm_clk_get_enabled() (git-fixes). - memory: tegra186-emc: drop unused to_tegra186_emc() (git-fixes). - minmax: reduce min/max macro expansion in atomisp driver (git-fixes). - module: Fix KCOV-ignored file name (git-fixes). - Move fixes into sorted section (bsc#1230119) - mtd: powernv: Add check devm_kasprintf() returned value (git-fixes). - mtd: slram: insert break after errors in parsing the map (git-fixes). - net: phy: vitesse: repair vsc73xx autonegotiation (stable-fixes). - net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes). - nfsd: Do not leave work of closing files to a work queue (bsc#1228140). - NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes). - nilfs2: determine empty node blocks as corrupted (git-fixes). - nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes). - nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes). - nvme: clear caller pointer on identify failure (git-fixes). - nvme: fix namespace removal list (git-fixes). - nvme-multipath: avoid hang on inaccessible namespaces (bsc#1228244). - nvme-multipath: system fails to create generic nvme device (bsc#1228244). - nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes). - nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes). - nvme-pci: allocate tagset on reset if necessary (git-fixes). - nvme-tcp: fix link failure for TCP auth (git-fixes). - nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes). - nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes). - nvmet-tcp: do not continue for invalid icreq (git-fixes). - nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes). - nvmet-trace: avoid dereferencing pointer too early (git-fixes). - ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes). - ocfs2: fix null-ptr-deref when journal load failed (git-fixes). - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes). - ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes). - PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes). - PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes). - PCI: dra7xx: Fix threaded IRQ request for 'dra7xx-pcie-main' IRQ (git-fixes). - PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes). - pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes). - PCI: imx6: Fix missing call to phy_power_off() in error handling (git-fixes). - PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes). - PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes). - PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() (git-fixes). - PCI: qcom-ep: Enable controller resources like PHY only after refclk is available (git-fixes). - PCI: Wait for Link before restoring Downstream Buses (git-fixes). - PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes). - PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes). - pcmcia: Use resource_size function on resource object (stable-fixes). - perf annotate: Introduce global annotation_options (git-fixes). - perf annotate: Split branch stack cycles information out of 'struct annotation_line' (git-fixes). - perf annotate: Use global annotation_options (git-fixes). - perf arch events: Fix duplicate RISC-V SBI firmware event name (git-fixes). - perf/core: Fix missing wakeup when waiting for context reference (git-fixes). - perf: Fix default aux_watermark calculation (git-fixes). - perf: Fix event leak upon exit (git-fixes). - perf: Fix perf_aux_size() for greater-than 32-bit size (git-fixes). - perf intel-pt: Fix aux_watermark calculation for 64-bit size (git-fixes). - perf intel-pt: Fix exclude_guest setting (git-fixes). - perf machine thread: Remove exited threads by default (git-fixes). - perf maps: Move symbol maps functions to maps.c (git-fixes). - perf pmu: Assume sysfs events are always the same case (git-fixes). - perf pmus: Fixes always false when compare duplicates aliases (git-fixes). - perf: Prevent passing zero nr_pages to rb_alloc_aux() (git-fixes). - perf record: Lazy load kernel symbols (git-fixes). - perf report: Convert to the global annotation_options (git-fixes). - perf report: Fix condition in sort__sym_cmp() (git-fixes). - perf: script: add raw|disasm arguments to --insn-trace option (git-fixes). - perf stat: Fix the hard-coded metrics calculation on the hybrid (git-fixes). - perf test: Make test_arm_callgraph_fp.sh more robust (git-fixes). - perf tool: fix dereferencing NULL al->maps (git-fixes). - perf tools: Add/use PMU reverse lookup from config to name (git-fixes). - perf tools: Use pmus to describe type from attribute (git-fixes). - perf top: Convert to the global annotation_options (git-fixes). - perf/x86: Fix smp_processor_id()-in-preemptible warnings (git-fixes). - perf/x86/intel: Add a distinct name for Granite Rapids (git-fixes). - perf/x86/intel/cstate: Add pkg C2 residency counter for Sierra Forest (git-fixes). - perf/x86/intel/cstate: Fix Alderlake/Raptorlake/Meteorlake (git-fixes). - perf/x86/intel/ds: Fix non 0 retire latency on Raptorlake (git-fixes). - perf/x86/intel: Factor out the initialization code for SPR (git fixes). - perf/x86/intel: Limit the period on Haswell (git-fixes). - perf/x86/intel/pt: Fix a topa_entry base address calculation (git-fixes). - perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (git-fixes). - perf/x86/intel/pt: Fix topa_entry base length (git-fixes). - perf/x86/intel/uncore: Fix the bits of the CHA extended umask for SPR (git-fixes). - perf/x86/intel/uncore: Support HBM and CXL PMON counters (bsc#1230119). - perf/x86/intel: Use the common uarch name for the shared functions (git fixes). - perf/x86: Serialize set_attr_rdpmc() (git-fixes). - perf/x86/uncore: Apply the unit control RB tree to MMIO uncore units (bsc#1230119). - perf/x86/uncore: Apply the unit control RB tree to MSR uncore units (bsc#1230119). - perf/x86/uncore: Apply the unit control RB tree to PCI uncore units (bsc#1230119). - perf/x86/uncore: Cleanup unused unit structure (bsc#1230119). - perf/x86/uncore: Retrieve the unit ID from the unit control RB tree (bsc#1230119). - perf/x86/uncore: Save the unit control address of all units (bsc#1230119). - perf/x86/uncore: Support per PMU cpumask (bsc#1230119). - phy: zynqmp: Take the phy mutex in xlate (stable-fixes). - pinctrl: at91: make it work with current gpiolib (stable-fixes). - pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID (stable-fixes). - pinctrl: single: fix missing error code in pcs_probe() (git-fixes). - PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). - platform/chrome: cros_ec_lpc: MEC access can use an AML mutex (stable-fixes). - platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes). - platform/surface: aggregator_registry: Add Support for Surface Pro 10 (stable-fixes). - platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes). - platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes). - platform/x86: x86-android-tablets: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes). - powercap/intel_rapl: Add support for AMD family 1Ah (stable-fixes). - power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes). - power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes). - power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes). - power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes). - r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes). - RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes) - RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes) - RDMA/erdma: Return QP state in erdma_query_qp (git-fixes) - RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes) - RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS (git-fixes) - RDMA/hns: Fix ah error counter in sw stat not increasing (git-fixes) - RDMA/hns: Fix restricted __le16 degrades to integer issue (git-fixes) - RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes) - RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes) - RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 (git-fixes) - RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes) - RDMA/hns: Optimize hem allocation performance (git-fixes) - RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes) - RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes) - RDMA/mlx5: Drop redundant work canceling from clean_keys() (git-fixes) - RDMA/mlx5: Fix counter update on MR cache mkey creation (git-fixes) - RDMA/mlx5: Fix MR cache temp entries cleanup (git-fixes) - RDMA/mlx5: Limit usage of over-sized mkeys from the MR cache (git-fixes) - RDMA/mlx5: Obtain upper net device only when needed (git-fixes) - RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes) - RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes) - regmap: maple: work around gcc-14.1 false-positive warning (stable-fixes). - regulator: core: Fix regulator_is_supported_voltage() kerneldoc return value (git-fixes). - regulator: core: Fix short description for _regulator_check_status_enabled() (git-fixes). - regulator: Return actual error in of_regulator_bulk_get_all() (git-fixes). - regulator: rt5120: Convert comma to semicolon (git-fixes). - regulator: wm831x-isink: Convert comma to semicolon (git-fixes). - remoteproc: imx_rproc: Correct ddr alias for i.MX8M (git-fixes). - remoteproc: imx_rproc: Initialize workqueue earlier (git-fixes). - remoteproc: k3-r5: Fix error handling when power-up failed (git-fixes). - reset: berlin: fix OF node leak in probe() error path (git-fixes). - reset: k210: fix OF node leak in probe() error path (git-fixes). - resource: fix region_intersects() vs add_memory_driver_managed() (git-fixes). - Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (git-fixes). - Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' - Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()' - Revert 'mm/sparsemem: fix race in accessing memory_section->usage' - Revert 'mm/sparsemem: fix race in accessing memory_section->usage' - Revert 'PCI: Extend ACS configurability (bsc#1228090).' (bsc#1229019) - rtc: at91sam9: fix OF node leak in probe() error path (git-fixes). - s390: allow pte_offset_map_lock() to fail (git-fixes bsc#1230564). - s390/dasd: Fix redundant /proc/dasd* entries removal (bsc#1227694). - s390/dasd: Remove DMA alignment (LTC#208933 bsc#1230426 git-fixes). - s390/mm: Convert gmap_make_secure to use a folio (git-fixes bsc#1230562). - s390/mm: Convert make_page_secure to use a folio (git-fixes bsc#1230563). - scripts: kconfig: merge_config: config files: add a trailing newline (stable-fixes). - scripts: sphinx-pre-install: remove unnecessary double check for $cur_version (git-fixes). - scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223). - scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Fix overflow build issue (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429 jsc#PED-9899). - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429 jsc#PED-9899). - scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848). - selftests: lib: remove strscpy test (git-fixes). - soc: fsl: cpm1: tsa: Fix tsa_write8() (git-fixes). - soc: versatile: integrator: fix OF node leak in probe() error path (git-fixes). - spi: atmel-quadspi: Avoid overwriting delay register settings (git-fixes). - spi: atmel-quadspi: Undo runtime PM changes at driver exit time (git-fixes). - spi: bcm63xx: Enable module autoloading (stable-fixes). - spi: bcm63xx: Fix module autoloading (git-fixes). - spi: meson-spicc: convert comma to semicolon (git-fixes). - spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes). - spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes). - spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes). - spi: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes). - spi: spidev: Add an entry for elgin,jg10309-01 (stable-fixes). - spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes). - spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes). - Squashfs: sanity check symbolic link size (git-fixes). - supported.conf: mark adiantum and xctr crypto modules as supported (bsc#1231035) - thunderbolt: Fix calculation of consumed USB3 bandwidth on a path (git-fixes). - thunderbolt: Fix rollback in tb_port_lane_bonding_enable() for lane 1 (git-fixes). - thunderbolt: Fix XDomain rx_lanes_show and tx_lanes_show (git-fixes). - thunderbolt: There are only 5 basic router registers in pre-USB4 routers (git-fixes). - tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes). - tools/perf: Fix the string match for '/tmp/perf-$PID.map' files in dso__load (git-fixes). - tpm: Clean up TPM space after command failure (git-fixes). - tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes). - tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes). - usb: cdnsp: Fix incorrect usb_request status (git-fixes). - USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes). - usb: dwc2: drd: fix clock gating on USB role switch (git-fixes). - usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes). - usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes). - usb: gadget: aspeed_udc: validate endpoint index for ast udc (stable-fixes). - usbnet: ipheth: add CDC NCM support (git-fixes). - usbnet: ipheth: do not stop RX on failing RX callback (git-fixes). - usbnet: ipheth: drop RX URBs with no payload (git-fixes). - usbnet: ipheth: fix carrier detection in modes 1 and 4 (git-fixes). - usbnet: ipheth: fix risk of NULL pointer deallocation (git-fixes). - usbnet: ipheth: race between ipheth_close and error handling (stable-fixes). - usbnet: ipheth: remove extraneous rx URB length check (git-fixes). - usbnet: ipheth: transmit URBs without trailing padding (git-fixes). - USB: serial: kobil_sct: restore initial terminal settings (git-fixes). - USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes). - usb: uas: set host status byte on data completion error (stable-fixes). - USB: usbtmc: prevent kernel-usb-infoleak (git-fixes). - virtio_net: fixing XDP for fully checksummed packets handling (git-fixes). - virtio_net: Fix napi_skb_cache_put warning (git-fixes). - virtio-net: synchronize probe with ndo_set_features (git-fixes). - watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes). - wifi: ath12k: fix BSS chan info request WMI command (git-fixes). - wifi: ath12k: fix firmware crash due to invalid peer nss (stable-fixes). - wifi: ath12k: fix invalid AMPDU factor calculation in ath12k_peer_assoc_h_he() (git-fixes). - wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he() (stable-fixes). - wifi: ath12k: match WMI BSS chan info structure with firmware definition (git-fixes). - wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes). - wifi: brcmfmac: introducing fwil query functions (git-fixes). - wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes). - wifi: cfg80211: fix bug of mapping AF3x to incorrect User Priority (git-fixes). - wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes). - wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes). - wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes). - wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes). - wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (stable-fixes). - wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room() (stable-fixes). - wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes). - wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes). - wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (stable-fixes). - wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check (stable-fixes). - wifi: mac80211: do not use rate mask for offchannel TX either (git-fixes). - wifi: mac80211: fix the comeback long retry times (git-fixes). - wifi: mac80211: free skb on error path in ieee80211_beacon_get_ap() (stable-fixes). - wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes). - wifi: mt76: connac: fix checksum offload fields of connac3 RXD (git-fixes). - wifi: mt76: mt7603: fix mixed declarations and code (git-fixes). - wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes). - wifi: mt76: mt7915: check devm_kasprintf() returned value (git-fixes). - wifi: mt76: mt7915: fix oops on non-dbdc mt7986 (git-fixes). - wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes). - wifi: mt76: mt7921: Check devm_kasprintf() returned value (git-fixes). - wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change (stable-fixes). - wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage (git-fixes). - wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc (git-fixes). - wifi: mt76: mt7996: fix EHT beamforming capability check (git-fixes). - wifi: mt76: mt7996: fix HE and EHT beamforming capabilities (git-fixes). - wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he (git-fixes). - wifi: mt76: mt7996: fix traffic delay when switching back to working channel (git-fixes). - wifi: mt76: mt7996: fix uninitialized TLV data (git-fixes). - wifi: mt76: mt7996: fix wmm set of station interface to 3 (git-fixes). - wifi: mt76: mt7996: use hweight16 to get correct tx antenna (git-fixes). - wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes). - wifi: rtw88: 8822c: Fix reported RX band width (git-fixes). - wifi: rtw88: always wait for both firmware loading attempts (git-fixes). - wifi: rtw88: remove CPT execution branch never used (git-fixes). - wifi: rtw88: usb: schedule rx work after everything is set up (stable-fixes). - wifi: rtw89: wow: prevent to send unexpected H2C during download Firmware (stable-fixes). - wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes). - x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes). - x86/kaslr: Expose and use the end of the physical memory address space (bsc#1229443). - x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382). - x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382). - xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003). - xen: allow mapping ACPI data using a different physical address (bsc#1226003). - xen: introduce generic helper checking for memory map conflicts (bsc#1226003). - xen: move checks for e820 conflicts further up (bsc#1226003). - xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003). - xen/swiotlb: add alignment check for dma buffers (bsc#1229928). - xen/swiotlb: fix allocated size (git-fixes). - xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003). - xen: use correct end address of kernel for conflict checking (bsc#1226003). - xfs: restrict when we try to align cow fork delalloc to cowextsz hints (git-fixes). - xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes). - xz: cleanup CRC32 edits from 2018 (git-fixes).
Patchnames
SUSE-2024-3553,SUSE-SLE-Module-Confidential-Computing-15-SP6-2024-3553
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).


To clipboard 

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for the Linux Kernel",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "\nThe SUSE Linux Enterprise 15 SP6 CoCo kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).\n- CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).\n- CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).\n- CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).\n- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).\n- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).\n- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).\n- CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).\n- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).\n- CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).\n- CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).\n- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).\n- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).\n- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).\n- CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).\n- CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).\n- CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).\n- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).\n- CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).\n- CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).\n- CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).\n- CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).\n- CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).\n- CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).\n- CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).\n- CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).\n- CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).\n- CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).\n- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).\n- CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 (bsc#1230435).\n- CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).\n- CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).\n- CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).\n- CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).\n- CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).\n- CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).\n- CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).\n- CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() (bsc#1230518).\n- CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).\n- CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).\n- CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).\n- CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).\n- CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).\n- CVE-2024-46727: Fixed NULL pointer dereference in resource_log_pipe_topology_update (bsc#1230707).\n- CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).\n- CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).\n- CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).\n- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).\n- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).\n- CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).\n- CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).\n- CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).\n- CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).\n- CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).\n- CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).\n\nThe following non-security bugs were fixed:\n\n- ABI: testing: fix admv8818 attr description (git-fixes).\n- ACPI: CPPC: Add helper to get the highest performance value (stable-fixes).\n- ACPI: CPPC: Fix MASK_VAL() usage (git-fixes).\n- ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-fixes).\n- ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-fixes).\n- ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes).\n- ACPI: sysfs: validate return type of _STR method (git-fixes).\n- afs: Do not cross .backup mountpoint from backup volume (git-fixes).\n- afs: Revert 'afs: Hide silly-rename files from userspace' (git-fixes).\n- ALSA: control: Apply sanity check of input values for user elements (stable-fixes).\n- ALSA: hda: add HDMI codec ID for Intel PTL (stable-fixes).\n- ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes).\n- ALSA: hda: cs35l41: fix module autoloading (git-fixes).\n- arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes).\n- arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes (git-fixes).\n- arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB (git-fixes).\n- arm64: dts: imx8-ss-dma: Fix adc0 closing brace location (git-fixes).\n- arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-fixes).\n- arm64: dts: rockchip: Correct vendor prefix for Hardkernel ODROID-M1 (git-fixes).\n- arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on RK3399 Puma (git-fixes).\n- arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-fixes).\n- arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes).\n- arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes).\n- arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585)\n- arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585)\n- arm64: signal: Fix some under-bracketed UAPI macros (git-fixes).\n- arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585)\n- arm64: tlb: Fix TLBI RANGE operand (bsc#1229585)\n- arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585)\n- ARM: 9406/1: Fix callchain_trace() return value (git-fixes).\n- ASoC: amd: yc: Add a quirk for MSI Bravo 17 (D7VEK) (stable-fixes).\n- ASoC: codecs: avoid possible garbage value in peb2466_reg_read() (git-fixes).\n- ASoC: cs42l42: Convert comma to semicolon (git-fixes).\n- ASoC: intel: fix module autoloading (stable-fixes).\n- ASoC: Intel: soc-acpi-cht: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).\n- ASoC: meson: axg-card: fix 'use-after-free' (git-fixes).\n- ASoC: meson: Remove unused declartion in header file (git-fixes).\n- ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).\n- ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).\n- ASoC: soc-ac97: Fix the incorrect description (git-fixes).\n- ASoC: tas2781-i2c: Get the right GPIO line (git-fixes).\n- ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially broken alignment (stable-fixes).\n- ASoC: tda7419: fix module autoloading (stable-fixes).\n- ASoC: topology: Properly initialize soc_enum values (stable-fixes).\n- ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data (git-fixes).\n- ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes).\n- ata: libata-scsi: Fix ata_msense_control() CDL page reporting (git-fixes).\n- ata: pata_macio: Use WARN instead of BUG (stable-fixes).\n- blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600).\n- blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).\n- Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() (stable-fixes).\n- Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes).\n- Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes).\n- Bluetooth: hci_event: Use HCI error defines instead of magic values (stable-fixes).\n- Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue (stable-fixes).\n- Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-fixes).\n- bpf, events: Use prog to emit ksymbol event for main program (git-fixes).\n- bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() (git-fixes).\n- btrfs: fix race between direct IO write and fsync when using same fd (git-fixes).\n- btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1230854).\n- bus: integrator-lm: fix OF node leak in probe() (git-fixes).\n- cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231008).\n- can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes).\n- can: j1939: use correct function name in comment (git-fixes).\n- can: kvaser_pciefd: Skip redundant NULL pointer check in ISR (stable-fixes).\n- can: m_can: enable NAPI before enabling interrupts (git-fixes).\n- can: m_can: m_can_close(): stop clocks after device has been shut down (git-fixes).\n- can: mcp251xfd: clarify the meaning of timestamp (stable-fixes).\n- can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate function (stable-fixes).\n- can: mcp251xfd: mcp251xfd_ring_init(): check TX-coalescing configuration (stable-fixes).\n- can: mcp251xfd: move mcp251xfd_timestamp_start()/stop() into mcp251xfd_chip_start/stop() (stable-fixes).\n- can: mcp251xfd: properly indent labels (stable-fixes).\n- can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes).\n- can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum (stable-fixes).\n- clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885).\n- clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885).\n- clk: ti: dra7-atl: Fix leak of of_nodes (git-fixes).\n- clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() (git-fixes).\n- cpufreq: amd-pstate: Enable amd-pstate preferred core support (stable-fixes).\n- cpufreq: amd-pstate: fix the highest frequency issue which limits performance (git-fixes).\n- cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes).\n- crypto: ccp - do not request interrupt on cmd completion when irqs disabled (git-fixes).\n- crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes).\n- crypto: iaa - Fix potential use after free bug (git-fixes).\n- crypto: qat - fix unintentional re-enabling of error interrupts (stable-fixes).\n- crypto: xor - fix template benchmarking (git-fixes).\n- cxl/core: Fix incorrect vendor debug UUID define (git-fixes).\n- cxl/pci: Fix to record only non-zero ranges (git-fixes).\n- Detect memory allocation failure in annotated_source__alloc_histograms (bsc#1227962).\n- devres: Initialize an uninitialized struct member (stable-fixes).\n- dma-buf: heaps: Fix off-by-one in CMA heap fault handler (git-fixes).\n- Documentation: ioctl: document 0x07 ioctl code (git-fixes).\n- driver core: Fix a potential null-ptr-deref in module_add_driver() (git-fixes).\n- driver core: Fix error handling in driver API device_rename() (git-fixes).\n- drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes).\n- Drivers: hv: vmbus: Fix the misplaced function description (git-fixes).\n- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes).\n- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes).\n- drm/amd: Add gfx12 swizzle mode defs (stable-fixes).\n- drm/amd/amdgpu: Properly tune the size of struct (git-fixes).\n- drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (git-fixes).\n- drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() (git-fixes).\n- drm/amd/display: Check denominator pbn_div before used (stable-fixes).\n- drm/amd/display: Check HDCP returned status (stable-fixes).\n- drm/amd/display: Check UnboundedRequestEnabled's value (stable-fixes).\n- drm/amd/display: Defer handling mst up request in resume (stable-fixes).\n- drm/amd/display: Disable error correction if it's not supported (stable-fixes).\n- drm/amd/display: Fix FEC_READY write on DP LT (stable-fixes).\n- drm/amd/display: handle nulled pipe context in DCE110's set_drr() (git-fixes).\n- drm/amd/display: Run DC_LOG_DC after checking link->link_enc (stable-fixes).\n- drm/amd/display: Solve mst monitors blank out problem after resume (git-fixes).\n- drm/amdgpu: add missing error handling in function amdgpu_gmc_flush_gpu_tlb_pasid (stable-fixes).\n- drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes).\n- drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes).\n- drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes).\n- drm/amdgpu/display: handle gfx12 in amdgpu_dm_plane_format_mod_supported (stable-fixes).\n- drm/amdgpu: fix a possible null pointer dereference (git-fixes).\n- drm/amdgpu: Fix get each xcp macro (git-fixes).\n- drm/amdgpu: Fix smatch static checker warning (stable-fixes).\n- drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes (stable-fixes).\n- drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).\n- drm/amdgpu: reject gang submit on reserved VMIDs (stable-fixes).\n- drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes).\n- drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes).\n- drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes).\n- drm: komeda: Fix an issue related to normalized zpos (stable-fixes).\n- drm/mediatek: ovl_adaptor: Add missing of_node_put() (git-fixes).\n- drm/mediatek: Set sensible cursor width/height values to fix crash (stable-fixes).\n- drm/msm/a5xx: disable preemption in submits by default (git-fixes).\n- drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes).\n- drm/msm/a5xx: properly clear preemption records on resume (git-fixes).\n- drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes).\n- drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes).\n- drm/msm/dsi: correct programming sequence for SM8350 / SM8450 (git-fixes).\n- drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes).\n- drm/msm: fix %s null argument error (git-fixes).\n- drm/nouveau/fb: restore init() for ramgp102 (git-fixes).\n- drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for Ayn Loki Max (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero (stable-fixes).\n- drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-fixes).\n- drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-fixes).\n- drm/radeon: properly handle vbios fake edid sizing (git-fixes).\n- drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-fixes).\n- drm/rockchip: vop: Allow 4096px width scaling (git-fixes).\n- drm/rockchip: vop: clear DMA stop bit on RK3066 (git-fixes).\n- drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 (git-fixes).\n- drm/stm: Fix an error handling path in stm_drm_platform_probe() (git-fixes).\n- drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes).\n- drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl (git-fixes).\n- drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get (git-fixes).\n- Drop soundwire patch that caused a regression (bsc#1230350) \n- ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() (git-fixes).\n- erofs: fix incorrect symlink detection in fast symlink (git-fixes).\n- exfat: fix memory leak in exfat_load_bitmap() (git-fixes).\n- fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes).\n- firmware: arm_scmi: Fix double free in OPTEE transport (git-fixes).\n- firmware_loader: Block path traversal (git-fixes).\n- firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes).\n- fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230602).\n- HID: amd_sfh: free driver_data after destroying hid device (stable-fixes).\n- HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-fixes).\n- HID: multitouch: Add support for GT7868Q (stable-fixes).\n- HID: wacom: Do not warn about dropped packets for first packet (git-fixes).\n- HID: wacom: Support sequence numbers smaller than 16-bit (git-fixes).\n- hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes).\n- hwmon: (asus-ec-sensors) remove VRM temp X570-E GAMING (stable-fixes).\n- hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-fixes).\n- hwmon: (max16065) Fix overflows seen when writing limits (git-fixes).\n- hwmon: (nct6775-core) Fix underflows seen when writing limit attributes (stable-fixes).\n- hwmon: (ntc_thermistor) fix module autoloading (git-fixes).\n- hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >= 1.2 (git-fixes).\n- hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes).\n- hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-fixes).\n- hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-fixes).\n- hwrng: mtk - Use devm_pm_runtime_enable (git-fixes).\n- i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled (git-fixes).\n- i2c: isch: Add missed 'else' (git-fixes).\n- i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes).\n- i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition (git-fixes).\n- i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-fixes).\n- IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes)\n- iio: adc: ad7606: fix oversampling gpio array (git-fixes).\n- iio: adc: ad7606: fix standby gpio state to match the documentation (git-fixes).\n- iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-fixes).\n- iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes).\n- Input: adp5588-keys - fix check on return code (git-fixes).\n- Input: ads7846 - ratelimit the spi_sync error message (stable-fixes).\n- Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes).\n- Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes).\n- Input: tsc2004/5 - do not hard code interrupt trigger (git-fixes).\n- Input: tsc2004/5 - fix reset handling on probe (git-fixes).\n- Input: tsc2004/5 - use device core to create driver-specific device attributes (git-fixes).\n- Input: uinput - reject requests with unreasonable number of slots (stable-fixes).\n- ipmi: docs: do not advertise deprecated sysfs entries (git-fixes).\n- ipmi:ssif: Improve detecting during probing (bsc#1228771)\n- ipmi:ssif: Improve detecting during probing (bsc#1228771) \n- jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes).\n- kABI workaround for cros_ec stuff (git-fixes).\n- KEYS: prevent NULL pointer dereference in find_asymmetric_key() (git-fixes).\n- kselftests: dmabuf-heaps: Ensure the driver name is null-terminated (stable-fixes).\n- kthread: Fix task state in kthread worker if being frozen (bsc#1231146).\n- KVM: arm64: Block unsafe FF-A calls from the host (git-fixes).\n- KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging (git-fixes).\n- KVM: arm64: Do not pass a TLBI level hint when zapping table entries (git-fixes).\n- KVM: arm64: Do not re-initialize the KVM lock (git-fixes).\n- KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes).\n- KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (git-fixes).\n- KVM: arm64: nvhe: Ignore SVE hint in SMCCC function ID (git-fixes).\n- KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes).\n- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes).\n- KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes).\n- KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes).\n- KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (git-fixes).\n- leds: spi-byte: Call of_node_put() on error path (stable-fixes).\n- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (stable-fixes).\n- lirc: rc_dev_get_from_fd(): fix file leak (git-fixes).\n- mailbox: bcm2835: Fix timeout during suspend mode (git-fixes).\n- mailbox: rockchip: fix a typo in module autoloading (git-fixes).\n- media: i2c: ar0521: Use cansleep version of gpiod_set_value() (git-fixes).\n- media: ov5675: Fix power on/off delay timings (git-fixes).\n- media: platform: rzg2l-cru: rzg2l-csi2: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes).\n- media: qcom: camss: Remove use_count guard in stop_streaming (git-fixes).\n- media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes).\n- media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes).\n- media: venus: fix use after free bug in venus_remove due to race condition (git-fixes).\n- media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes).\n- media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes).\n- media: vivid: fix wrong sizeimage value for mplane (stable-fixes).\n- memory: mtk-smi: Use devm_clk_get_enabled() (git-fixes).\n- memory: tegra186-emc: drop unused to_tegra186_emc() (git-fixes).\n- minmax: reduce min/max macro expansion in atomisp driver (git-fixes).\n- module: Fix KCOV-ignored file name (git-fixes).\n- Move fixes into sorted section (bsc#1230119)\n- mtd: powernv: Add check devm_kasprintf() returned value (git-fixes).\n- mtd: slram: insert break after errors in parsing the map (git-fixes).\n- net: phy: vitesse: repair vsc73xx autonegotiation (stable-fixes).\n- net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes).\n- nfsd: Do not leave work of closing files to a work queue (bsc#1228140).\n- NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes).\n- nilfs2: determine empty node blocks as corrupted (git-fixes).\n- nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes).\n- nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes).\n- nvme: clear caller pointer on identify failure (git-fixes).\n- nvme: fix namespace removal list (git-fixes).\n- nvme-multipath: avoid hang on inaccessible namespaces (bsc#1228244).\n- nvme-multipath: system fails to create generic nvme device (bsc#1228244).\n- nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes).\n- nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes).\n- nvme-pci: allocate tagset on reset if necessary (git-fixes).\n- nvme-tcp: fix link failure for TCP auth (git-fixes).\n- nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes).\n- nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes).\n- nvmet-tcp: do not continue for invalid icreq (git-fixes).\n- nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).\n- nvmet-trace: avoid dereferencing pointer too early (git-fixes).\n- ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes).\n- ocfs2: fix null-ptr-deref when journal load failed (git-fixes).\n- ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).\n- ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).\n- PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes).\n- PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes).\n- PCI: dra7xx: Fix threaded IRQ request for 'dra7xx-pcie-main' IRQ (git-fixes).\n- PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes).\n- pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes).\n- PCI: imx6: Fix missing call to phy_power_off() in error handling (git-fixes).\n- PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-fixes).\n- PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes).\n- PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() (git-fixes).\n- PCI: qcom-ep: Enable controller resources like PHY only after refclk is available (git-fixes).\n- PCI: Wait for Link before restoring Downstream Buses (git-fixes).\n- PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).\n- PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes).\n- pcmcia: Use resource_size function on resource object (stable-fixes).\n- perf annotate: Introduce global annotation_options (git-fixes).\n- perf annotate: Split branch stack cycles information out of 'struct annotation_line' (git-fixes).\n- perf annotate: Use global annotation_options (git-fixes).\n- perf arch events: Fix duplicate RISC-V SBI firmware event name (git-fixes).\n- perf/core: Fix missing wakeup when waiting for context reference (git-fixes).\n- perf: Fix default aux_watermark calculation (git-fixes).\n- perf: Fix event leak upon exit (git-fixes).\n- perf: Fix perf_aux_size() for greater-than 32-bit size (git-fixes).\n- perf intel-pt: Fix aux_watermark calculation for 64-bit size (git-fixes).\n- perf intel-pt: Fix exclude_guest setting (git-fixes).\n- perf machine thread: Remove exited threads by default (git-fixes).\n- perf maps: Move symbol maps functions to maps.c (git-fixes).\n- perf pmu: Assume sysfs events are always the same case (git-fixes).\n- perf pmus: Fixes always false when compare duplicates aliases (git-fixes).\n- perf: Prevent passing zero nr_pages to rb_alloc_aux() (git-fixes).\n- perf record: Lazy load kernel symbols (git-fixes).\n- perf report: Convert to the global annotation_options (git-fixes).\n- perf report: Fix condition in sort__sym_cmp() (git-fixes).\n- perf: script: add raw|disasm arguments to --insn-trace option (git-fixes).\n- perf stat: Fix the hard-coded metrics calculation on the hybrid (git-fixes).\n- perf test: Make test_arm_callgraph_fp.sh more robust (git-fixes).\n- perf tool: fix dereferencing NULL al->maps (git-fixes).\n- perf tools: Add/use PMU reverse lookup from config to name (git-fixes).\n- perf tools: Use pmus to describe type from attribute (git-fixes).\n- perf top: Convert to the global annotation_options (git-fixes).\n- perf/x86: Fix smp_processor_id()-in-preemptible warnings (git-fixes).\n- perf/x86/intel: Add a distinct name for Granite Rapids (git-fixes).\n- perf/x86/intel/cstate: Add pkg C2 residency counter for Sierra Forest (git-fixes).\n- perf/x86/intel/cstate: Fix Alderlake/Raptorlake/Meteorlake (git-fixes).\n- perf/x86/intel/ds: Fix non 0 retire latency on Raptorlake (git-fixes).\n- perf/x86/intel: Factor out the initialization code for SPR (git fixes).\n- perf/x86/intel: Limit the period on Haswell (git-fixes).\n- perf/x86/intel/pt: Fix a topa_entry base address calculation (git-fixes).\n- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (git-fixes).\n- perf/x86/intel/pt: Fix topa_entry base length (git-fixes).\n- perf/x86/intel/uncore: Fix the bits of the CHA extended umask for SPR (git-fixes).\n- perf/x86/intel/uncore: Support HBM and CXL PMON counters (bsc#1230119).\n- perf/x86/intel: Use the common uarch name for the shared functions (git fixes).\n- perf/x86: Serialize set_attr_rdpmc() (git-fixes).\n- perf/x86/uncore: Apply the unit control RB tree to MMIO uncore units (bsc#1230119).\n- perf/x86/uncore: Apply the unit control RB tree to MSR uncore units (bsc#1230119).\n- perf/x86/uncore: Apply the unit control RB tree to PCI uncore units (bsc#1230119).\n- perf/x86/uncore: Cleanup unused unit structure (bsc#1230119).\n- perf/x86/uncore: Retrieve the unit ID from the unit control RB tree (bsc#1230119).\n- perf/x86/uncore: Save the unit control address of all units (bsc#1230119).\n- perf/x86/uncore: Support per PMU cpumask (bsc#1230119).\n- phy: zynqmp: Take the phy mutex in xlate (stable-fixes).\n- pinctrl: at91: make it work with current gpiolib (stable-fixes).\n- pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID (stable-fixes).\n- pinctrl: single: fix missing error code in pcs_probe() (git-fixes).\n- PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).\n- platform/chrome: cros_ec_lpc: MEC access can use an AML mutex (stable-fixes).\n- platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes).\n- platform/surface: aggregator_registry: Add Support for Surface Pro 10 (stable-fixes).\n- platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes).\n- platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-fixes).\n- platform/x86: x86-android-tablets: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).\n- powercap/intel_rapl: Add support for AMD family 1Ah (stable-fixes).\n- power: supply: axp20x_battery: Remove design from min and max voltage (git-fixes).\n- power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes).\n- power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes).\n- power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes).\n- r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).\n- RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)\n- RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)\n- RDMA/erdma: Return QP state in erdma_query_qp (git-fixes)\n- RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes)\n- RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS (git-fixes)\n- RDMA/hns: Fix ah error counter in sw stat not increasing (git-fixes)\n- RDMA/hns: Fix restricted __le16 degrades to integer issue (git-fixes)\n- RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes)\n- RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes)\n- RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 (git-fixes)\n- RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-fixes)\n- RDMA/hns: Optimize hem allocation performance (git-fixes)\n- RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes)\n- RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes)\n- RDMA/mlx5: Drop redundant work canceling from clean_keys() (git-fixes)\n- RDMA/mlx5: Fix counter update on MR cache mkey creation (git-fixes)\n- RDMA/mlx5: Fix MR cache temp entries cleanup (git-fixes)\n- RDMA/mlx5: Limit usage of over-sized mkeys from the MR cache (git-fixes)\n- RDMA/mlx5: Obtain upper net device only when needed (git-fixes)\n- RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes)\n- RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-fixes)\n- regmap: maple: work around gcc-14.1 false-positive warning (stable-fixes).\n- regulator: core: Fix regulator_is_supported_voltage() kerneldoc return value (git-fixes).\n- regulator: core: Fix short description for _regulator_check_status_enabled() (git-fixes).\n- regulator: Return actual error in of_regulator_bulk_get_all() (git-fixes).\n- regulator: rt5120: Convert comma to semicolon (git-fixes).\n- regulator: wm831x-isink: Convert comma to semicolon (git-fixes).\n- remoteproc: imx_rproc: Correct ddr alias for i.MX8M (git-fixes).\n- remoteproc: imx_rproc: Initialize workqueue earlier (git-fixes).\n- remoteproc: k3-r5: Fix error handling when power-up failed (git-fixes).\n- reset: berlin: fix OF node leak in probe() error path (git-fixes).\n- reset: k210: fix OF node leak in probe() error path (git-fixes).\n- resource: fix region_intersects() vs add_memory_driver_managed() (git-fixes).\n- Revert 'media: tuners: fix error return code of hybrid_tuner_request_state()' (git-fixes).\n- Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' \n- Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()'\n- Revert 'mm/sparsemem: fix race in accessing memory_section->usage'\n- Revert 'mm/sparsemem: fix race in accessing memory_section->usage' \n- Revert 'PCI: Extend ACS configurability (bsc#1228090).' (bsc#1229019)\n- rtc: at91sam9: fix OF node leak in probe() error path (git-fixes).\n- s390: allow pte_offset_map_lock() to fail (git-fixes bsc#1230564).\n- s390/dasd: Fix redundant /proc/dasd* entries removal (bsc#1227694).\n- s390/dasd: Remove DMA alignment (LTC#208933 bsc#1230426 git-fixes).\n- s390/mm: Convert gmap_make_secure to use a folio (git-fixes bsc#1230562).\n- s390/mm: Convert make_page_secure to use a folio (git-fixes bsc#1230563).\n- scripts: kconfig: merge_config: config files: add a trailing newline (stable-fixes).\n- scripts: sphinx-pre-install: remove unnecessary double check for $cur_version (git-fixes).\n- scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).\n- scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Fix overflow build issue (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429 jsc#PED-9899).\n- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1229429 jsc#PED-9899).\n- scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848).\n- selftests: lib: remove strscpy test (git-fixes).\n- soc: fsl: cpm1: tsa: Fix tsa_write8() (git-fixes).\n- soc: versatile: integrator: fix OF node leak in probe() error path (git-fixes).\n- spi: atmel-quadspi: Avoid overwriting delay register settings (git-fixes).\n- spi: atmel-quadspi: Undo runtime PM changes at driver exit time (git-fixes).\n- spi: bcm63xx: Enable module autoloading (stable-fixes).\n- spi: bcm63xx: Fix module autoloading (git-fixes).\n- spi: meson-spicc: convert comma to semicolon (git-fixes).\n- spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes).\n- spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes).\n- spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).\n- spi: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- spi: spidev: Add an entry for elgin,jg10309-01 (stable-fixes).\n- spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes).\n- spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes).\n- Squashfs: sanity check symbolic link size (git-fixes).\n- supported.conf: mark adiantum and xctr crypto modules as supported (bsc#1231035)\n- thunderbolt: Fix calculation of consumed USB3 bandwidth on a path (git-fixes).\n- thunderbolt: Fix rollback in tb_port_lane_bonding_enable() for lane 1 (git-fixes).\n- thunderbolt: Fix XDomain rx_lanes_show and tx_lanes_show (git-fixes).\n- thunderbolt: There are only 5 basic router registers in pre-USB4 routers (git-fixes).\n- tomoyo: fallback to realpath if symlink's pathname does not exist (git-fixes).\n- tools/perf: Fix the string match for '/tmp/perf-$PID.map' files in dso__load (git-fixes).\n- tpm: Clean up TPM space after command failure (git-fixes).\n- tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).\n- tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes).\n- usb: cdnsp: Fix incorrect usb_request status (git-fixes).\n- USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes).\n- usb: dwc2: drd: fix clock gating on USB role switch (git-fixes).\n- usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes).\n- usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes).\n- usb: gadget: aspeed_udc: validate endpoint index for ast udc (stable-fixes).\n- usbnet: ipheth: add CDC NCM support (git-fixes).\n- usbnet: ipheth: do not stop RX on failing RX callback (git-fixes).\n- usbnet: ipheth: drop RX URBs with no payload (git-fixes).\n- usbnet: ipheth: fix carrier detection in modes 1 and 4 (git-fixes).\n- usbnet: ipheth: fix risk of NULL pointer deallocation (git-fixes).\n- usbnet: ipheth: race between ipheth_close and error handling (stable-fixes).\n- usbnet: ipheth: remove extraneous rx URB length check (git-fixes).\n- usbnet: ipheth: transmit URBs without trailing padding (git-fixes).\n- USB: serial: kobil_sct: restore initial terminal settings (git-fixes).\n- USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes).\n- usb: uas: set host status byte on data completion error (stable-fixes).\n- USB: usbtmc: prevent kernel-usb-infoleak (git-fixes).\n- virtio_net: fixing XDP for fully checksummed packets handling (git-fixes).\n- virtio_net: Fix napi_skb_cache_put warning (git-fixes).\n- virtio-net: synchronize probe with ndo_set_features (git-fixes).\n- watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes).\n- wifi: ath12k: fix BSS chan info request WMI command (git-fixes).\n- wifi: ath12k: fix firmware crash due to invalid peer nss (stable-fixes).\n- wifi: ath12k: fix invalid AMPDU factor calculation in ath12k_peer_assoc_h_he() (git-fixes).\n- wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he() (stable-fixes).\n- wifi: ath12k: match WMI BSS chan info structure with firmware definition (git-fixes).\n- wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes).\n- wifi: brcmfmac: introducing fwil query functions (git-fixes).\n- wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes).\n- wifi: cfg80211: fix bug of mapping AF3x to incorrect User Priority (git-fixes).\n- wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-fixes).\n- wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes).\n- wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes).\n- wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes).\n- wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (stable-fixes).\n- wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room() (stable-fixes).\n- wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes).\n- wifi: iwlwifi: mvm: increase the time between ranging measurements (git-fixes).\n- wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (stable-fixes).\n- wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check (stable-fixes).\n- wifi: mac80211: do not use rate mask for offchannel TX either (git-fixes).\n- wifi: mac80211: fix the comeback long retry times (git-fixes).\n- wifi: mac80211: free skb on error path in ieee80211_beacon_get_ap() (stable-fixes).\n- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-fixes).\n- wifi: mt76: connac: fix checksum offload fields of connac3 RXD (git-fixes).\n- wifi: mt76: mt7603: fix mixed declarations and code (git-fixes).\n- wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes).\n- wifi: mt76: mt7915: check devm_kasprintf() returned value (git-fixes).\n- wifi: mt76: mt7915: fix oops on non-dbdc mt7986 (git-fixes).\n- wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-fixes).\n- wifi: mt76: mt7921: Check devm_kasprintf() returned value (git-fixes).\n- wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change (stable-fixes).\n- wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage (git-fixes).\n- wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc (git-fixes).\n- wifi: mt76: mt7996: fix EHT beamforming capability check (git-fixes).\n- wifi: mt76: mt7996: fix HE and EHT beamforming capabilities (git-fixes).\n- wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he (git-fixes).\n- wifi: mt76: mt7996: fix traffic delay when switching back to working channel (git-fixes).\n- wifi: mt76: mt7996: fix uninitialized TLV data (git-fixes).\n- wifi: mt76: mt7996: fix wmm set of station interface to 3 (git-fixes).\n- wifi: mt76: mt7996: use hweight16 to get correct tx antenna (git-fixes).\n- wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes).\n- wifi: rtw88: 8822c: Fix reported RX band width (git-fixes).\n- wifi: rtw88: always wait for both firmware loading attempts (git-fixes).\n- wifi: rtw88: remove CPT execution branch never used (git-fixes).\n- wifi: rtw88: usb: schedule rx work after everything is set up (stable-fixes).\n- wifi: rtw89: wow: prevent to send unexpected H2C during download Firmware (stable-fixes).\n- wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes).\n- x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes).\n- x86/kaslr: Expose and use the end of the physical memory address space (bsc#1229443).\n- x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382).\n- x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382).\n- xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003).\n- xen: allow mapping ACPI data using a different physical address (bsc#1226003).\n- xen: introduce generic helper checking for memory map conflicts (bsc#1226003).\n- xen: move checks for e820 conflicts further up (bsc#1226003).\n- xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003).\n- xen/swiotlb: add alignment check for dma buffers (bsc#1229928).\n- xen/swiotlb: fix allocated size (git-fixes).\n- xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003).\n- xen: use correct end address of kernel for conflict checking (bsc#1226003).\n- xfs: restrict when we try to align cow fork delalloc to cowextsz hints (git-fixes).\n- xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-fixes).\n- xz: cleanup CRC32 edits from 2018 (git-fixes).\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-2024-3553,SUSE-SLE-Module-Confidential-Computing-15-SP6-2024-3553",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3553-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2024:3553-1",
            url: "https://www.suse.com/support/update/announcement/2024/suse-su-20243553-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2024:3553-1",
            url: "https://lists.suse.com/pipermail/sle-updates/2024-October/037161.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1012628",
            url: "https://bugzilla.suse.com/1012628",
         },
         {
            category: "self",
            summary: "SUSE Bug 1215199",
            url: "https://bugzilla.suse.com/1215199",
         },
         {
            category: "self",
            summary: "SUSE Bug 1216223",
            url: "https://bugzilla.suse.com/1216223",
         },
         {
            category: "self",
            summary: "SUSE Bug 1220382",
            url: "https://bugzilla.suse.com/1220382",
         },
         {
            category: "self",
            summary: "SUSE Bug 1222629",
            url: "https://bugzilla.suse.com/1222629",
         },
         {
            category: "self",
            summary: "SUSE Bug 1223600",
            url: "https://bugzilla.suse.com/1223600",
         },
         {
            category: "self",
            summary: "SUSE Bug 1223848",
            url: "https://bugzilla.suse.com/1223848",
         },
         {
            category: "self",
            summary: "SUSE Bug 1225487",
            url: "https://bugzilla.suse.com/1225487",
         },
         {
            category: "self",
            summary: "SUSE Bug 1225812",
            url: "https://bugzilla.suse.com/1225812",
         },
         {
            category: "self",
            summary: "SUSE Bug 1225903",
            url: "https://bugzilla.suse.com/1225903",
         },
         {
            category: "self",
            summary: "SUSE Bug 1226003",
            url: "https://bugzilla.suse.com/1226003",
         },
         {
            category: "self",
            summary: "SUSE Bug 1226507",
            url: "https://bugzilla.suse.com/1226507",
         },
         {
            category: "self",
            summary: "SUSE Bug 1226606",
            url: "https://bugzilla.suse.com/1226606",
         },
         {
            category: "self",
            summary: "SUSE Bug 1226666",
            url: "https://bugzilla.suse.com/1226666",
         },
         {
            category: "self",
            summary: "SUSE Bug 1226860",
            url: "https://bugzilla.suse.com/1226860",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227487",
            url: "https://bugzilla.suse.com/1227487",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227694",
            url: "https://bugzilla.suse.com/1227694",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227819",
            url: "https://bugzilla.suse.com/1227819",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227885",
            url: "https://bugzilla.suse.com/1227885",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227890",
            url: "https://bugzilla.suse.com/1227890",
         },
         {
            category: "self",
            summary: "SUSE Bug 1227962",
            url: "https://bugzilla.suse.com/1227962",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228090",
            url: "https://bugzilla.suse.com/1228090",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228140",
            url: "https://bugzilla.suse.com/1228140",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228244",
            url: "https://bugzilla.suse.com/1228244",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228507",
            url: "https://bugzilla.suse.com/1228507",
         },
         {
            category: "self",
            summary: "SUSE Bug 1228771",
            url: "https://bugzilla.suse.com/1228771",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229004",
            url: "https://bugzilla.suse.com/1229004",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229019",
            url: "https://bugzilla.suse.com/1229019",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229086",
            url: "https://bugzilla.suse.com/1229086",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229167",
            url: "https://bugzilla.suse.com/1229167",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229169",
            url: "https://bugzilla.suse.com/1229169",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229289",
            url: "https://bugzilla.suse.com/1229289",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229380",
            url: "https://bugzilla.suse.com/1229380",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229429",
            url: "https://bugzilla.suse.com/1229429",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229443",
            url: "https://bugzilla.suse.com/1229443",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229452",
            url: "https://bugzilla.suse.com/1229452",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229455",
            url: "https://bugzilla.suse.com/1229455",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229456",
            url: "https://bugzilla.suse.com/1229456",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229494",
            url: "https://bugzilla.suse.com/1229494",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229585",
            url: "https://bugzilla.suse.com/1229585",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229748",
            url: "https://bugzilla.suse.com/1229748",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229764",
            url: "https://bugzilla.suse.com/1229764",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229768",
            url: "https://bugzilla.suse.com/1229768",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229790",
            url: "https://bugzilla.suse.com/1229790",
         },
         {
            category: "self",
            summary: "SUSE Bug 1229928",
            url: "https://bugzilla.suse.com/1229928",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230015",
            url: "https://bugzilla.suse.com/1230015",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230119",
            url: "https://bugzilla.suse.com/1230119",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230169",
            url: "https://bugzilla.suse.com/1230169",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230170",
            url: "https://bugzilla.suse.com/1230170",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230173",
            url: "https://bugzilla.suse.com/1230173",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230174",
            url: "https://bugzilla.suse.com/1230174",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230175",
            url: "https://bugzilla.suse.com/1230175",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230176",
            url: "https://bugzilla.suse.com/1230176",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230178",
            url: "https://bugzilla.suse.com/1230178",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230185",
            url: "https://bugzilla.suse.com/1230185",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230191",
            url: "https://bugzilla.suse.com/1230191",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230192",
            url: "https://bugzilla.suse.com/1230192",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230193",
            url: "https://bugzilla.suse.com/1230193",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230194",
            url: "https://bugzilla.suse.com/1230194",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230195",
            url: "https://bugzilla.suse.com/1230195",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230200",
            url: "https://bugzilla.suse.com/1230200",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230204",
            url: "https://bugzilla.suse.com/1230204",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230206",
            url: "https://bugzilla.suse.com/1230206",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230207",
            url: "https://bugzilla.suse.com/1230207",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230209",
            url: "https://bugzilla.suse.com/1230209",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230211",
            url: "https://bugzilla.suse.com/1230211",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230212",
            url: "https://bugzilla.suse.com/1230212",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230213",
            url: "https://bugzilla.suse.com/1230213",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230217",
            url: "https://bugzilla.suse.com/1230217",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230221",
            url: "https://bugzilla.suse.com/1230221",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230224",
            url: "https://bugzilla.suse.com/1230224",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230230",
            url: "https://bugzilla.suse.com/1230230",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230232",
            url: "https://bugzilla.suse.com/1230232",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230233",
            url: "https://bugzilla.suse.com/1230233",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230240",
            url: "https://bugzilla.suse.com/1230240",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230244",
            url: "https://bugzilla.suse.com/1230244",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230247",
            url: "https://bugzilla.suse.com/1230247",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230248",
            url: "https://bugzilla.suse.com/1230248",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230269",
            url: "https://bugzilla.suse.com/1230269",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230270",
            url: "https://bugzilla.suse.com/1230270",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230295",
            url: "https://bugzilla.suse.com/1230295",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230340",
            url: "https://bugzilla.suse.com/1230340",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230350",
            url: "https://bugzilla.suse.com/1230350",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230413",
            url: "https://bugzilla.suse.com/1230413",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230426",
            url: "https://bugzilla.suse.com/1230426",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230430",
            url: "https://bugzilla.suse.com/1230430",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230431",
            url: "https://bugzilla.suse.com/1230431",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230432",
            url: "https://bugzilla.suse.com/1230432",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230433",
            url: "https://bugzilla.suse.com/1230433",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230434",
            url: "https://bugzilla.suse.com/1230434",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230435",
            url: "https://bugzilla.suse.com/1230435",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230440",
            url: "https://bugzilla.suse.com/1230440",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230441",
            url: "https://bugzilla.suse.com/1230441",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230442",
            url: "https://bugzilla.suse.com/1230442",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230444",
            url: "https://bugzilla.suse.com/1230444",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230450",
            url: "https://bugzilla.suse.com/1230450",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230451",
            url: "https://bugzilla.suse.com/1230451",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230454",
            url: "https://bugzilla.suse.com/1230454",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230455",
            url: "https://bugzilla.suse.com/1230455",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230457",
            url: "https://bugzilla.suse.com/1230457",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230459",
            url: "https://bugzilla.suse.com/1230459",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230506",
            url: "https://bugzilla.suse.com/1230506",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230507",
            url: "https://bugzilla.suse.com/1230507",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230511",
            url: "https://bugzilla.suse.com/1230511",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230515",
            url: "https://bugzilla.suse.com/1230515",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230517",
            url: "https://bugzilla.suse.com/1230517",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230518",
            url: "https://bugzilla.suse.com/1230518",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230519",
            url: "https://bugzilla.suse.com/1230519",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230520",
            url: "https://bugzilla.suse.com/1230520",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230521",
            url: "https://bugzilla.suse.com/1230521",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230524",
            url: "https://bugzilla.suse.com/1230524",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230526",
            url: "https://bugzilla.suse.com/1230526",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230533",
            url: "https://bugzilla.suse.com/1230533",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230535",
            url: "https://bugzilla.suse.com/1230535",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230539",
            url: "https://bugzilla.suse.com/1230539",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230540",
            url: "https://bugzilla.suse.com/1230540",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230542",
            url: "https://bugzilla.suse.com/1230542",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230549",
            url: "https://bugzilla.suse.com/1230549",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230556",
            url: "https://bugzilla.suse.com/1230556",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230562",
            url: "https://bugzilla.suse.com/1230562",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230563",
            url: "https://bugzilla.suse.com/1230563",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230564",
            url: "https://bugzilla.suse.com/1230564",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230580",
            url: "https://bugzilla.suse.com/1230580",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230582",
            url: "https://bugzilla.suse.com/1230582",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230589",
            url: "https://bugzilla.suse.com/1230589",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230602",
            url: "https://bugzilla.suse.com/1230602",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230699",
            url: "https://bugzilla.suse.com/1230699",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230700",
            url: "https://bugzilla.suse.com/1230700",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230701",
            url: "https://bugzilla.suse.com/1230701",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230702",
            url: "https://bugzilla.suse.com/1230702",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230703",
            url: "https://bugzilla.suse.com/1230703",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230704",
            url: "https://bugzilla.suse.com/1230704",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230705",
            url: "https://bugzilla.suse.com/1230705",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230706",
            url: "https://bugzilla.suse.com/1230706",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230707",
            url: "https://bugzilla.suse.com/1230707",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230709",
            url: "https://bugzilla.suse.com/1230709",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230711",
            url: "https://bugzilla.suse.com/1230711",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230712",
            url: "https://bugzilla.suse.com/1230712",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230715",
            url: "https://bugzilla.suse.com/1230715",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230719",
            url: "https://bugzilla.suse.com/1230719",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230722",
            url: "https://bugzilla.suse.com/1230722",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230724",
            url: "https://bugzilla.suse.com/1230724",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230725",
            url: "https://bugzilla.suse.com/1230725",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230726",
            url: "https://bugzilla.suse.com/1230726",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230727",
            url: "https://bugzilla.suse.com/1230727",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230730",
            url: "https://bugzilla.suse.com/1230730",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230731",
            url: "https://bugzilla.suse.com/1230731",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230732",
            url: "https://bugzilla.suse.com/1230732",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230747",
            url: "https://bugzilla.suse.com/1230747",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230748",
            url: "https://bugzilla.suse.com/1230748",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230749",
            url: "https://bugzilla.suse.com/1230749",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230751",
            url: "https://bugzilla.suse.com/1230751",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230752",
            url: "https://bugzilla.suse.com/1230752",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230753",
            url: "https://bugzilla.suse.com/1230753",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230756",
            url: "https://bugzilla.suse.com/1230756",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230761",
            url: "https://bugzilla.suse.com/1230761",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230766",
            url: "https://bugzilla.suse.com/1230766",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230767",
            url: "https://bugzilla.suse.com/1230767",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230768",
            url: "https://bugzilla.suse.com/1230768",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230771",
            url: "https://bugzilla.suse.com/1230771",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230772",
            url: "https://bugzilla.suse.com/1230772",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230775",
            url: "https://bugzilla.suse.com/1230775",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230776",
            url: "https://bugzilla.suse.com/1230776",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230780",
            url: "https://bugzilla.suse.com/1230780",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230783",
            url: "https://bugzilla.suse.com/1230783",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230786",
            url: "https://bugzilla.suse.com/1230786",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230787",
            url: "https://bugzilla.suse.com/1230787",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230791",
            url: "https://bugzilla.suse.com/1230791",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230794",
            url: "https://bugzilla.suse.com/1230794",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230796",
            url: "https://bugzilla.suse.com/1230796",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230802",
            url: "https://bugzilla.suse.com/1230802",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230806",
            url: "https://bugzilla.suse.com/1230806",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230808",
            url: "https://bugzilla.suse.com/1230808",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230809",
            url: "https://bugzilla.suse.com/1230809",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230810",
            url: "https://bugzilla.suse.com/1230810",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230812",
            url: "https://bugzilla.suse.com/1230812",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230813",
            url: "https://bugzilla.suse.com/1230813",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230814",
            url: "https://bugzilla.suse.com/1230814",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230815",
            url: "https://bugzilla.suse.com/1230815",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230821",
            url: "https://bugzilla.suse.com/1230821",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230825",
            url: "https://bugzilla.suse.com/1230825",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230830",
            url: "https://bugzilla.suse.com/1230830",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230831",
            url: "https://bugzilla.suse.com/1230831",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230854",
            url: "https://bugzilla.suse.com/1230854",
         },
         {
            category: "self",
            summary: "SUSE Bug 1230948",
            url: "https://bugzilla.suse.com/1230948",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231008",
            url: "https://bugzilla.suse.com/1231008",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231035",
            url: "https://bugzilla.suse.com/1231035",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231120",
            url: "https://bugzilla.suse.com/1231120",
         },
         {
            category: "self",
            summary: "SUSE Bug 1231146",
            url: "https://bugzilla.suse.com/1231146",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-52752 page",
            url: "https://www.suse.com/security/cve/CVE-2023-52752/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-52915 page",
            url: "https://www.suse.com/security/cve/CVE-2023-52915/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2023-52916 page",
            url: "https://www.suse.com/security/cve/CVE-2023-52916/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-26759 page",
            url: "https://www.suse.com/security/cve/CVE-2024-26759/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-26804 page",
            url: "https://www.suse.com/security/cve/CVE-2024-26804/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-36953 page",
            url: "https://www.suse.com/security/cve/CVE-2024-36953/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38538 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38538/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-38632 page",
            url: "https://www.suse.com/security/cve/CVE-2024-38632/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-40965 page",
            url: "https://www.suse.com/security/cve/CVE-2024-40965/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-40973 page",
            url: "https://www.suse.com/security/cve/CVE-2024-40973/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-40983 page",
            url: "https://www.suse.com/security/cve/CVE-2024-40983/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-42154 page",
            url: "https://www.suse.com/security/cve/CVE-2024-42154/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-42252 page",
            url: "https://www.suse.com/security/cve/CVE-2024-42252/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-43832 page",
            url: "https://www.suse.com/security/cve/CVE-2024-43832/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-43835 page",
            url: "https://www.suse.com/security/cve/CVE-2024-43835/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-43870 page",
            url: "https://www.suse.com/security/cve/CVE-2024-43870/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-43886 page",
            url: "https://www.suse.com/security/cve/CVE-2024-43886/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-43890 page",
            url: "https://www.suse.com/security/cve/CVE-2024-43890/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-43904 page",
            url: "https://www.suse.com/security/cve/CVE-2024-43904/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-43914 page",
            url: "https://www.suse.com/security/cve/CVE-2024-43914/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44946 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44946/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44947 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44947/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44948 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44948/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44952 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44952/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44954 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44954/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44960 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44960/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44961 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44961/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44962 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44962/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44965 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44965/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44967 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44967/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44969 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44969/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44970 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44970/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44971 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44971/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44972 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44972/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44977 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44977/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44982 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44982/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44984 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44984/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44986 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44986/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44987 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44987/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44988 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44988/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44989 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44989/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44990 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44990/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44991 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44991/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44997 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44997/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-44999 page",
            url: "https://www.suse.com/security/cve/CVE-2024-44999/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45000 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45000/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45001 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45001/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45002 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45002/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45005 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45005/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45006 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45006/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45007 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45007/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45008 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45008/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45011 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45011/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45012 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45012/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45013 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45013/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45015 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45015/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45017 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45017/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45018 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45018/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45019 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45019/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45020 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45020/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45021 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45021/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45022 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45022/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45023 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45023/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45026 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45026/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45028 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45028/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45029 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45029/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-45030 page",
            url: "https://www.suse.com/security/cve/CVE-2024-45030/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46672 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46672/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46673 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46673/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46674 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46674/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46675 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46675/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46676 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46676/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46677 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46677/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46679 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46679/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46685 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46685/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46686 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46686/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46687 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46687/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46689 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46689/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46691 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46691/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46692 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46692/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46693 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46693/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46694 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46694/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46695 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46695/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46702 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46702/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46706 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46706/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46707 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46707/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46709 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46709/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46710 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46710/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46711 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46711/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46714 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46714/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46715 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46715/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46716 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46716/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46717 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46717/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46719 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46719/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46720 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46720/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46722 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46722/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46723 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46723/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46724 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46724/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46725 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46725/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46726 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46726/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46727 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46727/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46728 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46728/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46729 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46729/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46730 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46730/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46731 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46731/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46732 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46732/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46734 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46734/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46735 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46735/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46737 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46737/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46738 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46738/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46739 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46739/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46741 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46741/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46743 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46743/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46744 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46744/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46745 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46745/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46746 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46746/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46747 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46747/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46749 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46749/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46750 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46750/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46751 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46751/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46752 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46752/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46753 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46753/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46755 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46755/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46756 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46756/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46757 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46757/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46758 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46758/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46759 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46759/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46760 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46760/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46761 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46761/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46767 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46767/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46771 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46771/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46772 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46772/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46773 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46773/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46774 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46774/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46776 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46776/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46778 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46778/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46780 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46780/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46781 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46781/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46783 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46783/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46784 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46784/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46786 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46786/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46787 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46787/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46791 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46791/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46794 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46794/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46797 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46797/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46798 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46798/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2024-46822 page",
            url: "https://www.suse.com/security/cve/CVE-2024-46822/",
         },
      ],
      title: "Security update for the Linux Kernel",
      tracking: {
         current_release_date: "2024-10-08T15:10:23Z",
         generator: {
            date: "2024-10-08T15:10:23Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2024:3553-1",
         initial_release_date: "2024-10-08T15:10:23Z",
         revision_history: [
            {
               date: "2024-10-08T15:10:23Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                        product: {
                           name: "kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                           product_id: "kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                        product: {
                           name: "kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                           product_id: "kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "cluster-md-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "cluster-md-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "cluster-md-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "dlm-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "dlm-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "dlm-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "gfs2-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "gfs2-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "gfs2-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco-extra-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco-extra-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco-extra-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco-livepatch-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco-livepatch-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco-livepatch-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco-optional-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco-optional-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco-optional-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco-vdso-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco-vdso-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco-vdso-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco_debug-livepatch-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco_debug-livepatch-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco_debug-livepatch-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-coco_debug-vdso-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-coco_debug-vdso-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-coco_debug-vdso-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kselftests-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "kselftests-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "kselftests-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "ocfs2-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "ocfs2-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "ocfs2-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        product: {
                           name: "reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                           product_id: "reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
                        product: {
                           name: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
                           product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-confidential-computing:15:sp6",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            },
            product_reference: "kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
            },
            product_reference: "kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
            },
            product_reference: "kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
            },
            product_reference: "kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
            },
            product_reference: "kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
            },
            product_reference: "kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            },
            product_reference: "kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
               product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            },
            product_reference: "reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2023-52752",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-52752",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n  [ 816.251274] general protection fault, probably for non-canonical\n  address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n  ...\n  [  816.260138] Call Trace:\n  [  816.260329]  <TASK>\n  [  816.260499]  ? die_addr+0x36/0x90\n  [  816.260762]  ? exc_general_protection+0x1b3/0x410\n  [  816.261126]  ? asm_exc_general_protection+0x26/0x30\n  [  816.261502]  ? cifs_debug_tcon+0xbd/0x240 [cifs]\n  [  816.261878]  ? cifs_debug_tcon+0xab/0x240 [cifs]\n  [  816.262249]  cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n  [  816.262689]  ? seq_read_iter+0x379/0x470\n  [  816.262995]  seq_read_iter+0x118/0x470\n  [  816.263291]  proc_reg_read_iter+0x53/0x90\n  [  816.263596]  ? srso_alias_return_thunk+0x5/0x7f\n  [  816.263945]  vfs_read+0x201/0x350\n  [  816.264211]  ksys_read+0x75/0x100\n  [  816.264472]  do_syscall_64+0x3f/0x90\n  [  816.264750]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n  [  816.265135] RIP: 0033:0x7fd5e669d381",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-52752",
               url: "https://www.suse.com/security/cve/CVE-2023-52752",
            },
            {
               category: "external",
               summary: "SUSE Bug 1225487 for CVE-2023-52752",
               url: "https://bugzilla.suse.com/1225487",
            },
            {
               category: "external",
               summary: "SUSE Bug 1225819 for CVE-2023-52752",
               url: "https://bugzilla.suse.com/1225819",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "important",
            },
         ],
         title: "CVE-2023-52752",
      },
      {
         cve: "CVE-2023-52915",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-52915",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer\n\nIn af9035_i2c_master_xfer, msg is controlled by user. When msg[i].buf\nis null and msg[i].len is zero, former checks on msg[i].buf would be\npassed. Malicious data finally reach af9035_i2c_master_xfer. If accessing\nmsg[i].buf[0] without sanity check, null ptr deref would happen.\nWe add check on msg[i].len to prevent crash.\n\nSimilar commit:\ncommit 0ed554fd769a\n(\"media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()\")",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-52915",
               url: "https://www.suse.com/security/cve/CVE-2023-52915",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230270 for CVE-2023-52915",
               url: "https://bugzilla.suse.com/1230270",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-52915",
      },
      {
         cve: "CVE-2023-52916",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2023-52916",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: aspeed: Fix memory overwrite if timing is 1600x900\n\nWhen capturing 1600x900, system could crash when system memory usage is\ntight.\n\nThe way to reproduce this issue:\n1. Use 1600x900 to display on host\n2. Mount ISO through 'Virtual media' on OpenBMC's web\n3. Run script as below on host to do sha continuously\n  #!/bin/bash\n  while [ [1] ];\n  do\n\tfind /media -type f -printf '\"%h/%f\"\\n' | xargs sha256sum\n  done\n4. Open KVM on OpenBMC's web\n\nThe size of macro block captured is 8x8. Therefore, we should make sure\nthe height of src-buf is 8 aligned to fix this issue.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2023-52916",
               url: "https://www.suse.com/security/cve/CVE-2023-52916",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230269 for CVE-2023-52916",
               url: "https://bugzilla.suse.com/1230269",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2023-52916",
      },
      {
         cve: "CVE-2024-26759",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-26759",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/swap: fix race when skipping swapcache\n\nWhen skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads\nswapin the same entry at the same time, they get different pages (A, B). \nBefore one thread (T0) finishes the swapin and installs page (A) to the\nPTE, another thread (T1) could finish swapin of page (B), swap_free the\nentry, then swap out the possibly modified page reusing the same entry. \nIt breaks the pte_same check in (T0) because PTE value is unchanged,\ncausing ABA problem.  Thread (T0) will install a stalled page (A) into the\nPTE and cause data corruption.\n\nOne possible callstack is like this:\n\nCPU0                                 CPU1\n----                                 ----\ndo_swap_page()                       do_swap_page() with same entry\n<direct swapin path>                 <direct swapin path>\n<alloc page A>                       <alloc page B>\nswap_read_folio() <- read to page A  swap_read_folio() <- read to page B\n<slow on later locks or interrupt>   <finished swapin first>\n...                                  set_pte_at()\n                                     swap_free() <- entry is free\n                                     <write to page B, now page A stalled>\n                                     <swap out page B to same swap entry>\npte_same() <- Check pass, PTE seems\n              unchanged, but page A\n              is stalled!\nswap_free() <- page B content lost!\nset_pte_at() <- staled page A installed!\n\nAnd besides, for ZRAM, swap_free() allows the swap device to discard the\nentry content, so even if page (B) is not modified, if swap_read_folio()\non CPU0 happens later than swap_free() on CPU1, it may also cause data\nloss.\n\nTo fix this, reuse swapcache_prepare which will pin the swap entry using\nthe cache flag, and allow only one thread to swap it in, also prevent any\nparallel code from putting the entry in the cache.  Release the pin after\nPT unlocked.\n\nRacers just loop and wait since it's a rare and very short event.  A\nschedule_timeout_uninterruptible(1) call is added to avoid repeated page\nfaults wasting too much CPU, causing livelock or adding too much noise to\nperf statistics.  A similar livelock issue was described in commit\n029c4628b2eb (\"mm: swap: get rid of livelock in swapin readahead\")\n\nReproducer:\n\nThis race issue can be triggered easily using a well constructed\nreproducer and patched brd (with a delay in read path) [1]:\n\nWith latest 6.8 mainline, race caused data loss can be observed easily:\n$ gcc -g -lpthread test-thread-swap-race.c && ./a.out\n  Polulating 32MB of memory region...\n  Keep swapping out...\n  Starting round 0...\n  Spawning 65536 workers...\n  32746 workers spawned, wait for done...\n  Round 0: Error on 0x5aa00, expected 32746, got 32743, 3 data loss!\n  Round 0: Error on 0x395200, expected 32746, got 32743, 3 data loss!\n  Round 0: Error on 0x3fd000, expected 32746, got 32737, 9 data loss!\n  Round 0 Failed, 15 data loss!\n\nThis reproducer spawns multiple threads sharing the same memory region\nusing a small swap device.  Every two threads updates mapped pages one by\none in opposite direction trying to create a race, with one dedicated\nthread keep swapping out the data out using madvise.\n\nThe reproducer created a reproduce rate of about once every 5 minutes, so\nthe race should be totally possible in production.\n\nAfter this patch, I ran the reproducer for over a few hundred rounds and\nno data loss observed.\n\nPerformance overhead is minimal, microbenchmark swapin 10G from 32G\nzram:\n\nBefore:     10934698 us\nAfter:      11157121 us\nCached:     13155355 us (Dropping SWP_SYNCHRONOUS_IO flag)\n\n[kasong@tencent.com: v4]\n  Link: https://lkml.kernel.org/r/20240219082040.7495-1-ryncsn@gmail.com",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-26759",
               url: "https://www.suse.com/security/cve/CVE-2024-26759",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230340 for CVE-2024-26759",
               url: "https://bugzilla.suse.com/1230340",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-26759",
      },
      {
         cve: "CVE-2024-26804",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-26804",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ip_tunnel: prevent perpetual headroom growth\n\nsyzkaller triggered following kasan splat:\nBUG: KASAN: use-after-free in __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170\nRead of size 1 at addr ffff88812fb4000e by task syz-executor183/5191\n[..]\n kasan_report+0xda/0x110 mm/kasan/report.c:588\n __skb_flow_dissect+0x19d1/0x7a50 net/core/flow_dissector.c:1170\n skb_flow_dissect_flow_keys include/linux/skbuff.h:1514 [inline]\n ___skb_get_hash net/core/flow_dissector.c:1791 [inline]\n __skb_get_hash+0xc7/0x540 net/core/flow_dissector.c:1856\n skb_get_hash include/linux/skbuff.h:1556 [inline]\n ip_tunnel_xmit+0x1855/0x33c0 net/ipv4/ip_tunnel.c:748\n ipip_tunnel_xmit+0x3cc/0x4e0 net/ipv4/ipip.c:308\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x13d/0x6d0 net/core/dev.c:3564\n __dev_queue_xmit+0x7c1/0x3d60 net/core/dev.c:4349\n dev_queue_xmit include/linux/netdevice.h:3134 [inline]\n neigh_connected_output+0x42c/0x5d0 net/core/neighbour.c:1592\n ...\n ip_finish_output2+0x833/0x2550 net/ipv4/ip_output.c:235\n ip_finish_output+0x31/0x310 net/ipv4/ip_output.c:323\n ..\n iptunnel_xmit+0x5b4/0x9b0 net/ipv4/ip_tunnel_core.c:82\n ip_tunnel_xmit+0x1dbc/0x33c0 net/ipv4/ip_tunnel.c:831\n ipgre_xmit+0x4a1/0x980 net/ipv4/ip_gre.c:665\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x13d/0x6d0 net/core/dev.c:3564\n ...\n\nThe splat occurs because skb->data points past skb->head allocated area.\nThis is because neigh layer does:\n  __skb_pull(skb, skb_network_offset(skb));\n\n... but skb_network_offset() returns a negative offset and __skb_pull()\narg is unsigned.  IOW, we skb->data gets \"adjusted\" by a huge value.\n\nThe negative value is returned because skb->head and skb->data distance is\nmore than 64k and skb->network_header (u16) has wrapped around.\n\nThe bug is in the ip_tunnel infrastructure, which can cause\ndev->needed_headroom to increment ad infinitum.\n\nThe syzkaller reproducer consists of packets getting routed via a gre\ntunnel, and route of gre encapsulated packets pointing at another (ipip)\ntunnel.  The ipip encapsulation finds gre0 as next output device.\n\nThis results in the following pattern:\n\n1). First packet is to be sent out via gre0.\nRoute lookup found an output device, ipip0.\n\n2).\nip_tunnel_xmit for gre0 bumps gre0->needed_headroom based on the future\noutput device, rt.dev->needed_headroom (ipip0).\n\n3).\nip output / start_xmit moves skb on to ipip0. which runs the same\ncode path again (xmit recursion).\n\n4).\nRouting step for the post-gre0-encap packet finds gre0 as output device\nto use for ipip0 encapsulated packet.\n\ntunl0->needed_headroom is then incremented based on the (already bumped)\ngre0 device headroom.\n\nThis repeats for every future packet:\n\ngre0->needed_headroom gets inflated because previous packets' ipip0 step\nincremented rt->dev (gre0) headroom, and ipip0 incremented because gre0\nneeded_headroom was increased.\n\nFor each subsequent packet, gre/ipip0->needed_headroom grows until\npost-expand-head reallocations result in a skb->head/data distance of\nmore than 64k.\n\nOnce that happens, skb->network_header (u16) wraps around when\npskb_expand_head tries to make sure that skb_network_offset() is unchanged\nafter the headroom expansion/reallocation.\n\nAfter this skb_network_offset(skb) returns a different (and negative)\nresult post headroom expansion.\n\nThe next trip to neigh layer (or anything else that would __skb_pull the\nnetwork header) makes skb->data point to a memory location outside\nskb->head area.\n\nv2: Cap the needed_headroom update to an arbitarily chosen upperlimit to\nprevent perpetual increase instead of dropping the headroom increment\ncompletely.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-26804",
               url: "https://www.suse.com/security/cve/CVE-2024-26804",
            },
            {
               category: "external",
               summary: "SUSE Bug 1222629 for CVE-2024-26804",
               url: "https://bugzilla.suse.com/1222629",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-26804",
      },
      {
         cve: "CVE-2024-36953",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-36953",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr()\n\nvgic_v2_parse_attr() is responsible for finding the vCPU that matches\nthe user-provided CPUID, which (of course) may not be valid. If the ID\nis invalid, kvm_get_vcpu_by_id() returns NULL, which isn't handled\ngracefully.\n\nSimilar to the GICv3 uaccess flow, check that kvm_get_vcpu_by_id()\nactually returns something and fail the ioctl if not.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-36953",
               url: "https://www.suse.com/security/cve/CVE-2024-36953",
            },
            {
               category: "external",
               summary: "SUSE Bug 1225812 for CVE-2024-36953",
               url: "https://bugzilla.suse.com/1225812",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-36953",
      },
      {
         cve: "CVE-2024-38538",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38538",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: xmit: make sure we have at least eth header len bytes\n\nsyzbot triggered an uninit value[1] error in bridge device's xmit path\nby sending a short (less than ETH_HLEN bytes) skb. To fix it check if\nwe can actually pull that amount instead of assuming.\n\nTested with dropwatch:\n drop at: br_dev_xmit+0xb93/0x12d0 [bridge] (0xffffffffc06739b3)\n origin: software\n timestamp: Mon May 13 11:31:53 2024 778214037 nsec\n protocol: 0x88a8\n length: 2\n original length: 2\n drop reason: PKT_TOO_SMALL\n\n[1]\nBUG: KMSAN: uninit-value in br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n br_dev_xmit+0x61d/0x1cb0 net/bridge/br_device.c:65\n __netdev_start_xmit include/linux/netdevice.h:4903 [inline]\n netdev_start_xmit include/linux/netdevice.h:4917 [inline]\n xmit_one net/core/dev.c:3531 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3547\n __dev_queue_xmit+0x34db/0x5350 net/core/dev.c:4341\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n __bpf_tx_skb net/core/filter.c:2136 [inline]\n __bpf_redirect_common net/core/filter.c:2180 [inline]\n __bpf_redirect+0x14a6/0x1620 net/core/filter.c:2187\n ____bpf_clone_redirect net/core/filter.c:2460 [inline]\n bpf_clone_redirect+0x328/0x470 net/core/filter.c:2432\n ___bpf_prog_run+0x13fe/0xe0f0 kernel/bpf/core.c:1997\n __bpf_prog_run512+0xb5/0xe0 kernel/bpf/core.c:2238\n bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]\n __bpf_prog_run include/linux/filter.h:657 [inline]\n bpf_prog_run include/linux/filter.h:664 [inline]\n bpf_test_run+0x499/0xc30 net/bpf/test_run.c:425\n bpf_prog_test_run_skb+0x14ea/0x1f20 net/bpf/test_run.c:1058\n bpf_prog_test_run+0x6b7/0xad0 kernel/bpf/syscall.c:4269\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5678\n __do_sys_bpf kernel/bpf/syscall.c:5767 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5765 [inline]\n __x64_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5765\n x64_sys_call+0x96b/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38538",
               url: "https://www.suse.com/security/cve/CVE-2024-38538",
            },
            {
               category: "external",
               summary: "SUSE Bug 1226606 for CVE-2024-38538",
               url: "https://bugzilla.suse.com/1226606",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-38538",
      },
      {
         cve: "CVE-2024-38632",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-38632",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: fix potential memory leak in vfio_intx_enable()\n\nIf vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-38632",
               url: "https://www.suse.com/security/cve/CVE-2024-38632",
            },
            {
               category: "external",
               summary: "SUSE Bug 1226860 for CVE-2024-38632",
               url: "https://bugzilla.suse.com/1226860",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-38632",
      },
      {
         cve: "CVE-2024-40965",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-40965",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: lpi2c: Avoid calling clk_get_rate during transfer\n\nInstead of repeatedly calling clk_get_rate for each transfer, lock\nthe clock rate and cache the value.\nA deadlock has been observed while adding tlv320aic32x4 audio codec to\nthe system. When this clock provider adds its clock, the clk mutex is\nlocked already, it needs to access i2c, which in return needs the mutex\nfor clk_get_rate as well.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-40965",
               url: "https://www.suse.com/security/cve/CVE-2024-40965",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227885 for CVE-2024-40965",
               url: "https://bugzilla.suse.com/1227885",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-40965",
      },
      {
         cve: "CVE-2024-40973",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-40973",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mtk-vcodec: potential null pointer deference in SCP\n\nThe return value of devm_kzalloc() needs to be checked to avoid\nNULL pointer deference. This is similar to CVE-2022-3113.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-40973",
               url: "https://www.suse.com/security/cve/CVE-2024-40973",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227890 for CVE-2024-40973",
               url: "https://bugzilla.suse.com/1227890",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-40973",
      },
      {
         cve: "CVE-2024-40983",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-40983",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: force a dst refcount before doing decryption\n\nAs it says in commit 3bc07321ccc2 (\"xfrm: Force a dst refcount before\nentering the xfrm type handlers\"):\n\n\"Crypto requests might return asynchronous. In this case we leave the\n rcu protected region, so force a refcount on the skb's destination\n entry before we enter the xfrm type input/output handlers.\"\n\nOn TIPC decryption path it has the same problem, and skb_dst_force()\nshould be called before doing decryption to avoid a possible crash.\n\nShuang reported this issue when this warning is triggered:\n\n  [] WARNING: include/net/dst.h:337 tipc_sk_rcv+0x1055/0x1ea0 [tipc]\n  [] Kdump: loaded Tainted: G W --------- - - 4.18.0-496.el8.x86_64+debug\n  [] Workqueue: crypto cryptd_queue_worker\n  [] RIP: 0010:tipc_sk_rcv+0x1055/0x1ea0 [tipc]\n  [] Call Trace:\n  [] tipc_sk_mcast_rcv+0x548/0xea0 [tipc]\n  [] tipc_rcv+0xcf5/0x1060 [tipc]\n  [] tipc_aead_decrypt_done+0x215/0x2e0 [tipc]\n  [] cryptd_aead_crypt+0xdb/0x190\n  [] cryptd_queue_worker+0xed/0x190\n  [] process_one_work+0x93d/0x17e0",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-40983",
               url: "https://www.suse.com/security/cve/CVE-2024-40983",
            },
            {
               category: "external",
               summary: "SUSE Bug 1227819 for CVE-2024-40983",
               url: "https://bugzilla.suse.com/1227819",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-40983",
      },
      {
         cve: "CVE-2024-42154",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-42154",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_metrics: validate source addr length\n\nI don't see anything checking that TCP_METRICS_ATTR_SADDR_IPV4\nis at least 4 bytes long, and the policy doesn't have an entry\nfor this attribute at all (neither does it for IPv6 but v6 is\nmanually validated).",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-42154",
               url: "https://www.suse.com/security/cve/CVE-2024-42154",
            },
            {
               category: "external",
               summary: "SUSE Bug 1228507 for CVE-2024-42154",
               url: "https://bugzilla.suse.com/1228507",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-42154",
      },
      {
         cve: "CVE-2024-42252",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-42252",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nclosures: Change BUG_ON() to WARN_ON()\n\nIf a BUG_ON() can be hit in the wild, it shouldn't be a BUG_ON()\n\nFor reference, this has popped up once in the CI, and we'll need more\ninfo to debug it:\n\n03240 ------------[ cut here ]------------\n03240 kernel BUG at lib/closure.c:21!\n03240 kernel BUG at lib/closure.c:21!\n03240 Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n03240 Modules linked in:\n03240 CPU: 15 PID: 40534 Comm: kworker/u80:1 Not tainted 6.10.0-rc4-ktest-ga56da69799bd #25570\n03240 Hardware name: linux,dummy-virt (DT)\n03240 Workqueue: btree_update btree_interior_update_work\n03240 pstate: 00001005 (nzcv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--)\n03240 pc : closure_put+0x224/0x2a0\n03240 lr : closure_put+0x24/0x2a0\n03240 sp : ffff0000d12071c0\n03240 x29: ffff0000d12071c0 x28: dfff800000000000 x27: ffff0000d1207360\n03240 x26: 0000000000000040 x25: 0000000000000040 x24: 0000000000000040\n03240 x23: ffff0000c1f20180 x22: 0000000000000000 x21: ffff0000c1f20168\n03240 x20: 0000000040000000 x19: ffff0000c1f20140 x18: 0000000000000001\n03240 x17: 0000000000003aa0 x16: 0000000000003ad0 x15: 1fffe0001c326974\n03240 x14: 0000000000000a1e x13: 0000000000000000 x12: 1fffe000183e402d\n03240 x11: ffff6000183e402d x10: dfff800000000000 x9 : ffff6000183e402e\n03240 x8 : 0000000000000001 x7 : 00009fffe7c1bfd3 x6 : ffff0000c1f2016b\n03240 x5 : ffff0000c1f20168 x4 : ffff6000183e402e x3 : ffff800081391954\n03240 x2 : 0000000000000001 x1 : 0000000000000000 x0 : 00000000a8000000\n03240 Call trace:\n03240  closure_put+0x224/0x2a0\n03240  bch2_check_for_deadlock+0x910/0x1028\n03240  bch2_six_check_for_deadlock+0x1c/0x30\n03240  six_lock_slowpath.isra.0+0x29c/0xed0\n03240  six_lock_ip_waiter+0xa8/0xf8\n03240  __bch2_btree_node_lock_write+0x14c/0x298\n03240  bch2_trans_lock_write+0x6d4/0xb10\n03240  __bch2_trans_commit+0x135c/0x5520\n03240  btree_interior_update_work+0x1248/0x1c10\n03240  process_scheduled_works+0x53c/0xd90\n03240  worker_thread+0x370/0x8c8\n03240  kthread+0x258/0x2e8\n03240  ret_from_fork+0x10/0x20\n03240 Code: aa1303e0 d63f0020 a94363f7 17ffff8c (d4210000)\n03240 ---[ end trace 0000000000000000 ]---\n03240 Kernel panic - not syncing: Oops - BUG: Fatal exception\n03240 SMP: stopping secondary CPUs\n03241 SMP: failed to stop secondary CPUs 13,15\n03241 Kernel Offset: disabled\n03241 CPU features: 0x00,00000003,80000008,4240500b\n03241 Memory Limit: none\n03241 ---[ end Kernel panic - not syncing: Oops - BUG: Fatal exception ]---\n03246 ========= FAILED TIMEOUT copygc_torture_no_checksum in 7200s",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-42252",
               url: "https://www.suse.com/security/cve/CVE-2024-42252",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229004 for CVE-2024-42252",
               url: "https://bugzilla.suse.com/1229004",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-42252",
      },
      {
         cve: "CVE-2024-43832",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-43832",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/uv: Don't call folio_wait_writeback() without a folio reference\n\nfolio_wait_writeback() requires that no spinlocks are held and that\na folio reference is held, as documented. After we dropped the PTL, the\nfolio could get freed concurrently. So grab a temporary reference.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-43832",
               url: "https://www.suse.com/security/cve/CVE-2024-43832",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229380 for CVE-2024-43832",
               url: "https://bugzilla.suse.com/1229380",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-43832",
      },
      {
         cve: "CVE-2024-43835",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-43835",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix napi_skb_cache_put warning\n\nAfter the commit bdacf3e34945 (\"net: Use nested-BH locking for\nnapi_alloc_cache.\") was merged, the following warning began to appear:\n\n\t WARNING: CPU: 5 PID: 1 at net/core/skbuff.c:1451 napi_skb_cache_put+0x82/0x4b0\n\n\t  __warn+0x12f/0x340\n\t  napi_skb_cache_put+0x82/0x4b0\n\t  napi_skb_cache_put+0x82/0x4b0\n\t  report_bug+0x165/0x370\n\t  handle_bug+0x3d/0x80\n\t  exc_invalid_op+0x1a/0x50\n\t  asm_exc_invalid_op+0x1a/0x20\n\t  __free_old_xmit+0x1c8/0x510\n\t  napi_skb_cache_put+0x82/0x4b0\n\t  __free_old_xmit+0x1c8/0x510\n\t  __free_old_xmit+0x1c8/0x510\n\t  __pfx___free_old_xmit+0x10/0x10\n\nThe issue arises because virtio is assuming it's running in NAPI context\neven when it's not, such as in the netpoll case.\n\nTo resolve this, modify virtnet_poll_tx() to only set NAPI when budget\nis available. Same for virtnet_poll_cleantx(), which always assumed that\nit was in a NAPI context.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-43835",
               url: "https://www.suse.com/security/cve/CVE-2024-43835",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229289 for CVE-2024-43835",
               url: "https://bugzilla.suse.com/1229289",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-43835",
      },
      {
         cve: "CVE-2024-43870",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-43870",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exit\n\nWhen a task is scheduled out, pending sigtrap deliveries are deferred\nto the target task upon resume to userspace via task_work.\n\nHowever failures while adding an event's callback to the task_work\nengine are ignored. And since the last call for events exit happen\nafter task work is eventually closed, there is a small window during\nwhich pending sigtrap can be queued though ignored, leaking the event\nrefcount addition such as in the following scenario:\n\n    TASK A\n    -----\n\n    do_exit()\n       exit_task_work(tsk);\n\n       <IRQ>\n       perf_event_overflow()\n          event->pending_sigtrap = pending_id;\n          irq_work_queue(&event->pending_irq);\n       </IRQ>\n    =========> PREEMPTION: TASK A -> TASK B\n       event_sched_out()\n          event->pending_sigtrap = 0;\n          atomic_long_inc_not_zero(&event->refcount)\n          // FAILS: task work has exited\n          task_work_add(&event->pending_task)\n       [...]\n       <IRQ WORK>\n       perf_pending_irq()\n          // early return: event->oncpu = -1\n       </IRQ WORK>\n       [...]\n    =========> TASK B -> TASK A\n       perf_event_exit_task(tsk)\n          perf_event_exit_event()\n             free_event()\n                WARN(atomic_long_cmpxchg(&event->refcount, 1, 0) != 1)\n                // leak event due to unexpected refcount == 2\n\nAs a result the event is never released while the task exits.\n\nFix this with appropriate task_work_add()'s error handling.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-43870",
               url: "https://www.suse.com/security/cve/CVE-2024-43870",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229494 for CVE-2024-43870",
               url: "https://bugzilla.suse.com/1229494",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-43870",
      },
      {
         cve: "CVE-2024-43886",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-43886",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null check in resource_log_pipe_topology_update\n\n[WHY]\nWhen switching from \"Extend\" to \"Second Display Only\" we sometimes\ncall resource_get_otg_master_for_stream on a stream for the eDP,\nwhich is disconnected. This leads to a null pointer dereference.\n\n[HOW]\nAdded a null check in dc_resource.c/resource_log_pipe_topology_update.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-43886",
               url: "https://www.suse.com/security/cve/CVE-2024-43886",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229748 for CVE-2024-43886",
               url: "https://bugzilla.suse.com/1229748",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-43886",
      },
      {
         cve: "CVE-2024-43890",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-43890",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix overflow in get_free_elt()\n\n\"tracing_map->next_elt\" in get_free_elt() is at risk of overflowing.\n\nOnce it overflows, new elements can still be inserted into the tracing_map\neven though the maximum number of elements (`max_elts`) has been reached.\nContinuing to insert elements after the overflow could result in the\ntracing_map containing \"tracing_map->max_size\" elements, leaving no empty\nentries.\nIf any attempt is made to insert an element into a full tracing_map using\n`__tracing_map_insert()`, it will cause an infinite loop with preemption\ndisabled, leading to a CPU hang problem.\n\nFix this by preventing any further increments to \"tracing_map->next_elt\"\nonce it reaches \"tracing_map->max_elt\".",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-43890",
               url: "https://www.suse.com/security/cve/CVE-2024-43890",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229764 for CVE-2024-43890",
               url: "https://bugzilla.suse.com/1229764",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-43890",
      },
      {
         cve: "CVE-2024-43904",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-43904",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing\n\nThis commit adds null checks for the 'stream' and 'plane' variables in\nthe dcn30_apply_idle_power_optimizations function. These variables were\npreviously assumed to be null at line 922, but they were used later in\nthe code without checking if they were null. This could potentially lead\nto a null pointer dereference, which would cause a crash.\n\nThe null checks ensure that 'stream' and 'plane' are not null before\nthey are used, preventing potential crashes.\n\nFixes the below static smatch checker:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:938 dcn30_apply_idle_power_optimizations() error: we previously assumed 'stream' could be null (see line 922)\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:940 dcn30_apply_idle_power_optimizations() error: we previously assumed 'plane' could be null (see line 922)",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-43904",
               url: "https://www.suse.com/security/cve/CVE-2024-43904",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229768 for CVE-2024-43904",
               url: "https://bugzilla.suse.com/1229768",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-43904",
      },
      {
         cve: "CVE-2024-43914",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-43914",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid5: avoid BUG_ON() while continue reshape after reassembling\n\nCurrently, mdadm support --revert-reshape to abort the reshape while\nreassembling, as the test 07revert-grow. However, following BUG_ON()\ncan be triggerred by the test:\n\nkernel BUG at drivers/md/raid5.c:6278!\ninvalid opcode: 0000 [#1] PREEMPT SMP PTI\nirq event stamp: 158985\nCPU: 6 PID: 891 Comm: md0_reshape Not tainted 6.9.0-03335-g7592a0b0049a #94\nRIP: 0010:reshape_request+0x3f1/0xe60\nCall Trace:\n <TASK>\n raid5_sync_request+0x43d/0x550\n md_do_sync+0xb7a/0x2110\n md_thread+0x294/0x2b0\n kthread+0x147/0x1c0\n ret_from_fork+0x59/0x70\n ret_from_fork_asm+0x1a/0x30\n </TASK>\n\nRoot cause is that --revert-reshape update the raid_disks from 5 to 4,\nwhile reshape position is still set, and after reassembling the array,\nreshape position will be read from super block, then during reshape the\nchecking of 'writepos' that is caculated by old reshape position will\nfail.\n\nFix this panic the easy way first, by converting the BUG_ON() to\nWARN_ON(), and stop the reshape if checkings fail.\n\nNoted that mdadm must fix --revert-shape as well, and probably md/raid\nshould enhance metadata validation as well, however this means\nreassemble will fail and there must be user tools to fix the wrong\nmetadata.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-43914",
               url: "https://www.suse.com/security/cve/CVE-2024-43914",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229790 for CVE-2024-43914",
               url: "https://bugzilla.suse.com/1229790",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-43914",
      },
      {
         cve: "CVE-2024-44946",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44946",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nkcm: Serialise kcm_sendmsg() for the same socket.\n\nsyzkaller reported UAF in kcm_release(). [0]\n\nThe scenario is\n\n  1. Thread A builds a skb with MSG_MORE and sets kcm->seq_skb.\n\n  2. Thread A resumes building skb from kcm->seq_skb but is blocked\n     by sk_stream_wait_memory()\n\n  3. Thread B calls sendmsg() concurrently, finishes building kcm->seq_skb\n     and puts the skb to the write queue\n\n  4. Thread A faces an error and finally frees skb that is already in the\n     write queue\n\n  5. kcm_release() does double-free the skb in the write queue\n\nWhen a thread is building a MSG_MORE skb, another thread must not touch it.\n\nLet's add a per-sk mutex and serialise kcm_sendmsg().\n\n[0]:\nBUG: KASAN: slab-use-after-free in __skb_unlink include/linux/skbuff.h:2366 [inline]\nBUG: KASAN: slab-use-after-free in __skb_dequeue include/linux/skbuff.h:2385 [inline]\nBUG: KASAN: slab-use-after-free in __skb_queue_purge_reason include/linux/skbuff.h:3175 [inline]\nBUG: KASAN: slab-use-after-free in __skb_queue_purge include/linux/skbuff.h:3181 [inline]\nBUG: KASAN: slab-use-after-free in kcm_release+0x170/0x4c8 net/kcm/kcmsock.c:1691\nRead of size 8 at addr ffff0000ced0fc80 by task syz-executor329/6167\n\nCPU: 1 PID: 6167 Comm: syz-executor329 Tainted: G    B              6.8.0-rc5-syzkaller-g9abbc24128bc #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall trace:\n dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:291\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:298\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x178/0x518 mm/kasan/report.c:488\n kasan_report+0xd8/0x138 mm/kasan/report.c:601\n __asan_report_load8_noabort+0x20/0x2c mm/kasan/report_generic.c:381\n __skb_unlink include/linux/skbuff.h:2366 [inline]\n __skb_dequeue include/linux/skbuff.h:2385 [inline]\n __skb_queue_purge_reason include/linux/skbuff.h:3175 [inline]\n __skb_queue_purge include/linux/skbuff.h:3181 [inline]\n kcm_release+0x170/0x4c8 net/kcm/kcmsock.c:1691\n __sock_release net/socket.c:659 [inline]\n sock_close+0xa4/0x1e8 net/socket.c:1421\n __fput+0x30c/0x738 fs/file_table.c:376\n ____fput+0x20/0x30 fs/file_table.c:404\n task_work_run+0x230/0x2e0 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x618/0x1f64 kernel/exit.c:871\n do_group_exit+0x194/0x22c kernel/exit.c:1020\n get_signal+0x1500/0x15ec kernel/signal.c:2893\n do_signal+0x23c/0x3b44 arch/arm64/kernel/signal.c:1249\n do_notify_resume+0x74/0x1f4 arch/arm64/kernel/entry-common.c:148\n exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]\n exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]\n el0_svc+0xac/0x168 arch/arm64/kernel/entry-common.c:713\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598\n\nAllocated by task 6166:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x70/0x84 mm/kasan/generic.c:626\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x74/0x8c mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x204/0x4c0 mm/slub.c:3903\n __alloc_skb+0x19c/0x3d8 net/core/skbuff.c:641\n alloc_skb include/linux/skbuff.h:1296 [inline]\n kcm_sendmsg+0x1d3c/0x2124 net/kcm/kcmsock.c:783\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_sendmsg+0x220/0x2c0 net/socket.c:768\n splice_to_socket+0x7cc/0xd58 fs/splice.c:889\n do_splice_from fs/splice.c:941 [inline]\n direct_splice_actor+0xec/0x1d8 fs/splice.c:1164\n splice_direct_to_actor+0x438/0xa0c fs/splice.c:1108\n do_splice_direct_actor \n---truncated---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44946",
               url: "https://www.suse.com/security/cve/CVE-2024-44946",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230015 for CVE-2024-44946",
               url: "https://bugzilla.suse.com/1230015",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230016 for CVE-2024-44946",
               url: "https://bugzilla.suse.com/1230016",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "important",
            },
         ],
         title: "CVE-2024-44946",
      },
      {
         cve: "CVE-2024-44947",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44947",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfuse: Initialize beyond-EOF page contents before setting uptodate\n\nfuse_notify_store(), unlike fuse_do_readpage(), does not enable page\nzeroing (because it can be used to change partial page contents).\n\nSo fuse_notify_store() must be more careful to fully initialize page\ncontents (including parts of the page that are beyond end-of-file)\nbefore marking the page uptodate.\n\nThe current code can leave beyond-EOF page contents uninitialized, which\nmakes these uninitialized page contents visible to userspace via mmap().\n\nThis is an information leak, but only affects systems which do not\nenable init-on-alloc (via CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y or the\ncorresponding kernel command line parameter).",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44947",
               url: "https://www.suse.com/security/cve/CVE-2024-44947",
            },
            {
               category: "external",
               summary: "SUSE Bug 1229456 for CVE-2024-44947",
               url: "https://bugzilla.suse.com/1229456",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230098 for CVE-2024-44947",
               url: "https://bugzilla.suse.com/1230098",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "important",
            },
         ],
         title: "CVE-2024-44947",
      },
      {
         cve: "CVE-2024-44948",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44948",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mtrr: Check if fixed MTRRs exist before saving them\n\nMTRRs have an obsolete fixed variant for fine grained caching control\nof the 640K-1MB region that uses separate MSRs. This fixed variant has\na separate capability bit in the MTRR capability MSR.\n\nSo far all x86 CPUs which support MTRR have this separate bit set, so it\nwent unnoticed that mtrr_save_state() does not check the capability bit\nbefore accessing the fixed MTRR MSRs.\n\nThough on a CPU that does not support the fixed MTRR capability this\nresults in a #GP.  The #GP itself is harmless because the RDMSR fault is\nhandled gracefully, but results in a WARN_ON().\n\nAdd the missing capability check to prevent this.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44948",
               url: "https://www.suse.com/security/cve/CVE-2024-44948",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230174 for CVE-2024-44948",
               url: "https://bugzilla.suse.com/1230174",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44948",
      },
      {
         cve: "CVE-2024-44952",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44952",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44952",
               url: "https://www.suse.com/security/cve/CVE-2024-44952",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230178 for CVE-2024-44952",
               url: "https://bugzilla.suse.com/1230178",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44952",
      },
      {
         cve: "CVE-2024-44954",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44954",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: line6: Fix racy access to midibuf\n\nThere can be concurrent accesses to line6 midibuf from both the URB\ncompletion callback and the rawmidi API access.  This could be a cause\nof KMSAN warning triggered by syzkaller below (so put as reported-by\nhere).\n\nThis patch protects the midibuf call of the former code path with a\nspinlock for avoiding the possible races.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44954",
               url: "https://www.suse.com/security/cve/CVE-2024-44954",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230176 for CVE-2024-44954",
               url: "https://bugzilla.suse.com/1230176",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44954",
      },
      {
         cve: "CVE-2024-44960",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44960",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: Check for unset descriptor\n\nMake sure the descriptor has been set before looking at maxpacket.\nThis fixes a null pointer panic in this case.\n\nThis may happen if the gadget doesn't properly set up the endpoint\nfor the current speed, or the gadget descriptors are malformed and\nthe descriptor for the speed/endpoint are not found.\n\nNo current gadget driver is known to have this problem, but this\nmay cause a hard-to-find bug during development of new gadgets.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44960",
               url: "https://www.suse.com/security/cve/CVE-2024-44960",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230191 for CVE-2024-44960",
               url: "https://bugzilla.suse.com/1230191",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 0,
                  baseSeverity: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-44960",
      },
      {
         cve: "CVE-2024-44961",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44961",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Forward soft recovery errors to userspace\n\nAs we discussed before[1], soft recovery should be\nforwarded to userspace, or we can get into a really\nbad state where apps will keep submitting hanging\ncommand buffers cascading us to a hard reset.\n\n1: https://lore.kernel.org/all/bf23d5ed-9a6b-43e7-84ee-8cbfd0d60f18@froggi.es/\n(cherry picked from commit 434967aadbbbe3ad9103cc29e9a327de20fdba01)",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44961",
               url: "https://www.suse.com/security/cve/CVE-2024-44961",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230207 for CVE-2024-44961",
               url: "https://bugzilla.suse.com/1230207",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44961",
      },
      {
         cve: "CVE-2024-44962",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44962",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading\n\nWhen unload the btnxpuart driver, its associated timer will be deleted.\nIf the timer happens to be modified at this moment, it leads to the\nkernel call this timer even after the driver unloaded, resulting in\nkernel panic.\nUse timer_shutdown_sync() instead of del_timer_sync() to prevent rearming.\n\npanic log:\n  Internal error: Oops: 0000000086000007 [#1] PREEMPT SMP\n  Modules linked in: algif_hash algif_skcipher af_alg moal(O) mlan(O) crct10dif_ce polyval_ce polyval_generic   snd_soc_imx_card snd_soc_fsl_asoc_card snd_soc_imx_audmux mxc_jpeg_encdec v4l2_jpeg snd_soc_wm8962 snd_soc_fsl_micfil   snd_soc_fsl_sai flexcan snd_soc_fsl_utils ap130x rpmsg_ctrl imx_pcm_dma can_dev rpmsg_char pwm_fan fuse [last unloaded:   btnxpuart]\n  CPU: 5 PID: 723 Comm: memtester Tainted: G           O       6.6.23-lts-next-06207-g4aef2658ac28 #1\n  Hardware name: NXP i.MX95 19X19 board (DT)\n  pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n  pc : 0xffff80007a2cf464\n  lr : call_timer_fn.isra.0+0x24/0x80\n...\n  Call trace:\n   0xffff80007a2cf464\n   __run_timers+0x234/0x280\n   run_timer_softirq+0x20/0x40\n   __do_softirq+0x100/0x26c\n   ____do_softirq+0x10/0x1c\n   call_on_irq_stack+0x24/0x4c\n   do_softirq_own_stack+0x1c/0x2c\n   irq_exit_rcu+0xc0/0xdc\n   el0_interrupt+0x54/0xd8\n   __el0_irq_handler_common+0x18/0x24\n   el0t_64_irq_handler+0x10/0x1c\n   el0t_64_irq+0x190/0x194\n  Code: ???????? ???????? ???????? ???????? (????????)\n  ---[ end trace 0000000000000000 ]---\n  Kernel panic - not syncing: Oops: Fatal exception in interrupt\n  SMP: stopping secondary CPUs\n  Kernel Offset: disabled\n  CPU features: 0x0,c0000000,40028143,1000721b\n  Memory Limit: none\n  ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44962",
               url: "https://www.suse.com/security/cve/CVE-2024-44962",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230213 for CVE-2024-44962",
               url: "https://bugzilla.suse.com/1230213",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44962",
      },
      {
         cve: "CVE-2024-44965",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44965",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Fix pti_clone_pgtable() alignment assumption\n\nGuenter reported dodgy crashes on an i386-nosmp build using GCC-11\nthat had the form of endless traps until entry stack exhaust and then\n#DF from the stack guard.\n\nIt turned out that pti_clone_pgtable() had alignment assumptions on\nthe start address, notably it hard assumes start is PMD aligned. This\nis true on x86_64, but very much not true on i386.\n\nThese assumptions can cause the end condition to malfunction, leading\nto a 'short' clone. Guess what happens when the user mapping has a\nshort copy of the entry text?\n\nUse the correct increment form for addr to avoid alignment\nassumptions.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44965",
               url: "https://www.suse.com/security/cve/CVE-2024-44965",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230221 for CVE-2024-44965",
               url: "https://bugzilla.suse.com/1230221",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44965",
      },
      {
         cve: "CVE-2024-44967",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44967",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mgag200: Bind I2C lifetime to DRM device\n\nManaged cleanup with devm_add_action_or_reset() will release the I2C\nadapter when the underlying Linux device goes away. But the connector\nstill refers to it, so this cleanup leaves behind a stale pointer\nin struct drm_connector.ddc.\n\nBind the lifetime of the I2C adapter to the connector's lifetime by\nusing DRM's managed release. When the DRM device goes away (after\nthe Linux device) DRM will first clean up the connector and then\nclean up the I2C adapter.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44967",
               url: "https://www.suse.com/security/cve/CVE-2024-44967",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230224 for CVE-2024-44967",
               url: "https://bugzilla.suse.com/1230224",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44967",
      },
      {
         cve: "CVE-2024-44969",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44969",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/sclp: Prevent release of buffer in I/O\n\nWhen a task waiting for completion of a Store Data operation is\ninterrupted, an attempt is made to halt this operation. If this attempt\nfails due to a hardware or firmware problem, there is a chance that the\nSCLP facility might store data into buffers referenced by the original\noperation at a later time.\n\nHandle this situation by not releasing the referenced data buffers if\nthe halt attempt fails. For current use cases, this might result in a\nleak of few pages of memory in case of a rare hardware/firmware\nmalfunction.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44969",
               url: "https://www.suse.com/security/cve/CVE-2024-44969",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230200 for CVE-2024-44969",
               url: "https://bugzilla.suse.com/1230200",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44969",
      },
      {
         cve: "CVE-2024-44970",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44970",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: SHAMPO, Fix invalid WQ linked list unlink\n\nWhen all the strides in a WQE have been consumed, the WQE is unlinked\nfrom the WQ linked list (mlx5_wq_ll_pop()). For SHAMPO, it is possible\nto receive CQEs with 0 consumed strides for the same WQE even after the\nWQE is fully consumed and unlinked. This triggers an additional unlink\nfor the same wqe which corrupts the linked list.\n\nFix this scenario by accepting 0 sized consumed strides without\nunlinking the WQE again.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44970",
               url: "https://www.suse.com/security/cve/CVE-2024-44970",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230209 for CVE-2024-44970",
               url: "https://bugzilla.suse.com/1230209",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44970",
      },
      {
         cve: "CVE-2024-44971",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44971",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register()\n\nbcm_sf2_mdio_register() calls of_phy_find_device() and then\nphy_device_remove() in a loop to remove existing PHY devices.\nof_phy_find_device() eventually calls bus_find_device(), which calls\nget_device() on the returned struct device * to increment the refcount.\nThe current implementation does not decrement the refcount, which causes\nmemory leak.\n\nThis commit adds the missing phy_device_free() call to decrement the\nrefcount via put_device() to balance the refcount.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44971",
               url: "https://www.suse.com/security/cve/CVE-2024-44971",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230211 for CVE-2024-44971",
               url: "https://bugzilla.suse.com/1230211",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44971",
      },
      {
         cve: "CVE-2024-44972",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44972",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not clear page dirty inside extent_write_locked_range()\n\n[BUG]\nFor subpage + zoned case, the following workload can lead to rsv data\nleak at unmount time:\n\n  # mkfs.btrfs -f -s 4k $dev\n  # mount $dev $mnt\n  # fsstress -w -n 8 -d $mnt -s 1709539240\n  0/0: fiemap - no filename\n  0/1: copyrange read - no filename\n  0/2: write - no filename\n  0/3: rename - no source filename\n  0/4: creat f0 x:0 0 0\n  0/4: creat add id=0,parent=-1\n  0/5: writev f0[259 1 0 0 0 0] [778052,113,965] 0\n  0/6: ioctl(FIEMAP) f0[259 1 0 0 224 887097] [1294220,2291618343991484791,0x10000] -1\n  0/7: dwrite - xfsctl(XFS_IOC_DIOINFO) f0[259 1 0 0 224 887097] return 25, fallback to stat()\n  0/7: dwrite f0[259 1 0 0 224 887097] [696320,102400] 0\n  # umount $mnt\n\nThe dmesg includes the following rsv leak detection warning (all call\ntrace skipped):\n\n  ------------[ cut here ]------------\n  WARNING: CPU: 2 PID: 4528 at fs/btrfs/inode.c:8653 btrfs_destroy_inode+0x1e0/0x200 [btrfs]\n  ---[ end trace 0000000000000000 ]---\n  ------------[ cut here ]------------\n  WARNING: CPU: 2 PID: 4528 at fs/btrfs/inode.c:8654 btrfs_destroy_inode+0x1a8/0x200 [btrfs]\n  ---[ end trace 0000000000000000 ]---\n  ------------[ cut here ]------------\n  WARNING: CPU: 2 PID: 4528 at fs/btrfs/inode.c:8660 btrfs_destroy_inode+0x1a0/0x200 [btrfs]\n  ---[ end trace 0000000000000000 ]---\n  BTRFS info (device sda): last unmount of filesystem 1b4abba9-de34-4f07-9e7f-157cf12a18d6\n  ------------[ cut here ]------------\n  WARNING: CPU: 3 PID: 4528 at fs/btrfs/block-group.c:4434 btrfs_free_block_groups+0x338/0x500 [btrfs]\n  ---[ end trace 0000000000000000 ]---\n  BTRFS info (device sda): space_info DATA has 268218368 free, is not full\n  BTRFS info (device sda): space_info total=268435456, used=204800, pinned=0, reserved=0, may_use=12288, readonly=0 zone_unusable=0\n  BTRFS info (device sda): global_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): trans_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): chunk_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): delayed_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): delayed_refs_rsv: size 0 reserved 0\n  ------------[ cut here ]------------\n  WARNING: CPU: 3 PID: 4528 at fs/btrfs/block-group.c:4434 btrfs_free_block_groups+0x338/0x500 [btrfs]\n  ---[ end trace 0000000000000000 ]---\n  BTRFS info (device sda): space_info METADATA has 267796480 free, is not full\n  BTRFS info (device sda): space_info total=268435456, used=131072, pinned=0, reserved=0, may_use=262144, readonly=0 zone_unusable=245760\n  BTRFS info (device sda): global_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): trans_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): chunk_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): delayed_block_rsv: size 0 reserved 0\n  BTRFS info (device sda): delayed_refs_rsv: size 0 reserved 0\n\nAbove $dev is a tcmu-runner emulated zoned HDD, which has a max zone\nappend size of 64K, and the system has 64K page size.\n\n[CAUSE]\nI have added several trace_printk() to show the events (header skipped):\n\n  > btrfs_dirty_pages: r/i=5/259 dirty start=774144 len=114688\n  > btrfs_dirty_pages: r/i=5/259 dirty part of page=720896 off_in_page=53248 len_in_page=12288\n  > btrfs_dirty_pages: r/i=5/259 dirty part of page=786432 off_in_page=0 len_in_page=65536\n  > btrfs_dirty_pages: r/i=5/259 dirty part of page=851968 off_in_page=0 len_in_page=36864\n\nThe above lines show our buffered write has dirtied 3 pages of inode\n259 of root 5:\n\n  704K             768K              832K              896K\n  I           |////I/////////////////I///////////|     I\n              756K                               868K\n\n  |///| is the dirtied range using subpage bitmaps. and 'I' is the page\n  boundary.\n\n  Meanwhile all three pages (704K, 768K, 832K) have their PageDirty\n  flag set.\n\n  > btrfs_direct_write: r/i=5/259 start dio filepos=696320 len=102400\n\nThen direct IO writ\n---truncated---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44972",
               url: "https://www.suse.com/security/cve/CVE-2024-44972",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230212 for CVE-2024-44972",
               url: "https://bugzilla.suse.com/1230212",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44972",
      },
      {
         cve: "CVE-2024-44977",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44977",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Validate TA binary size\n\nAdd TA binary size validation to avoid OOB write.\n\n(cherry picked from commit c0a04e3570d72aaf090962156ad085e37c62e442)",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44977",
               url: "https://www.suse.com/security/cve/CVE-2024-44977",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230217 for CVE-2024-44977",
               url: "https://bugzilla.suse.com/1230217",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44977",
      },
      {
         cve: "CVE-2024-44982",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44982",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: cleanup FB if dpu_format_populate_layout fails\n\nIf the dpu_format_populate_layout() fails, then FB is prepared, but not\ncleaned up. This ends up leaking the pin_count on the GEM object and\ncauses a splat during DRM file closure:\n\nmsm_obj->pin_count\nWARNING: CPU: 2 PID: 569 at drivers/gpu/drm/msm/msm_gem.c:121 update_lru_locked+0xc4/0xcc\n[...]\nCall trace:\n update_lru_locked+0xc4/0xcc\n put_pages+0xac/0x100\n msm_gem_free_object+0x138/0x180\n drm_gem_object_free+0x1c/0x30\n drm_gem_object_handle_put_unlocked+0x108/0x10c\n drm_gem_object_release_handle+0x58/0x70\n idr_for_each+0x68/0xec\n drm_gem_release+0x28/0x40\n drm_file_free+0x174/0x234\n drm_release+0xb0/0x160\n __fput+0xc0/0x2c8\n __fput_sync+0x50/0x5c\n __arm64_sys_close+0x38/0x7c\n invoke_syscall+0x48/0x118\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x4c/0x120\n el0t_64_sync_handler+0x100/0x12c\n el0t_64_sync+0x190/0x194\nirq event stamp: 129818\nhardirqs last  enabled at (129817): [<ffffa5f6d953fcc0>] console_unlock+0x118/0x124\nhardirqs last disabled at (129818): [<ffffa5f6da7dcf04>] el1_dbg+0x24/0x8c\nsoftirqs last  enabled at (129808): [<ffffa5f6d94afc18>] handle_softirqs+0x4c8/0x4e8\nsoftirqs last disabled at (129785): [<ffffa5f6d94105e4>] __do_softirq+0x14/0x20\n\nPatchwork: https://patchwork.freedesktop.org/patch/600714/",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44982",
               url: "https://www.suse.com/security/cve/CVE-2024-44982",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230204 for CVE-2024-44982",
               url: "https://bugzilla.suse.com/1230204",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44982",
      },
      {
         cve: "CVE-2024-44984",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44984",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix double DMA unmapping for XDP_REDIRECT\n\nRemove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT\ncode path.  This should have been removed when we let the page pool\nhandle the DMA mapping.  This bug causes the warning:\n\nWARNING: CPU: 7 PID: 59 at drivers/iommu/dma-iommu.c:1198 iommu_dma_unmap_page+0xd5/0x100\nCPU: 7 PID: 59 Comm: ksoftirqd/7 Tainted: G        W          6.8.0-1010-gcp #11-Ubuntu\nHardware name: Dell Inc. PowerEdge R7525/0PYVT1, BIOS 2.15.2 04/02/2024\nRIP: 0010:iommu_dma_unmap_page+0xd5/0x100\nCode: 89 ee 48 89 df e8 cb f2 69 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 e9 ab 17 71 00 <0f> 0b 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 c9\nRSP: 0018:ffffab1fc0597a48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff99ff838280c8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffab1fc0597a78 R08: 0000000000000002 R09: ffffab1fc0597c1c\nR10: ffffab1fc0597cd3 R11: ffff99ffe375acd8 R12: 00000000e65b9000\nR13: 0000000000000050 R14: 0000000000001000 R15: 0000000000000002\nFS:  0000000000000000(0000) GS:ffff9a06efb80000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000565c34c37210 CR3: 00000005c7e3e000 CR4: 0000000000350ef0\n? show_regs+0x6d/0x80\n? __warn+0x89/0x150\n? iommu_dma_unmap_page+0xd5/0x100\n? report_bug+0x16a/0x190\n? handle_bug+0x51/0xa0\n? exc_invalid_op+0x18/0x80\n? iommu_dma_unmap_page+0xd5/0x100\n? iommu_dma_unmap_page+0x35/0x100\ndma_unmap_page_attrs+0x55/0x220\n? bpf_prog_4d7e87c0d30db711_xdp_dispatcher+0x64/0x9f\nbnxt_rx_xdp+0x237/0x520 [bnxt_en]\nbnxt_rx_pkt+0x640/0xdd0 [bnxt_en]\n__bnxt_poll_work+0x1a1/0x3d0 [bnxt_en]\nbnxt_poll+0xaa/0x1e0 [bnxt_en]\n__napi_poll+0x33/0x1e0\nnet_rx_action+0x18a/0x2f0",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44984",
               url: "https://www.suse.com/security/cve/CVE-2024-44984",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230240 for CVE-2024-44984",
               url: "https://bugzilla.suse.com/1230240",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-44984",
      },
      {
         cve: "CVE-2024-44986",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44986",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible UAF in ip6_finish_output2()\n\nIf skb_expand_head() returns NULL, skb has been freed\nand associated dst/idev could also have been freed.\n\nWe need to hold rcu_read_lock() to make sure the dst and\nassociated idev are alive.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44986",
               url: "https://www.suse.com/security/cve/CVE-2024-44986",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230230 for CVE-2024-44986",
               url: "https://bugzilla.suse.com/1230230",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44986",
      },
      {
         cve: "CVE-2024-44987",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44987",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent UAF in ip6_send_skb()\n\nsyzbot reported an UAF in ip6_send_skb() [1]\n\nAfter ip6_local_out() has returned, we no longer can safely\ndereference rt, unless we hold rcu_read_lock().\n\nA similar issue has been fixed in commit\na688caa34beb (\"ipv6: take rcu lock in rawv6_send_hdrinc()\")\n\nAnother potential issue in ip6_finish_output2() is handled in a\nseparate patch.\n\n[1]\n BUG: KASAN: slab-use-after-free in ip6_send_skb+0x18d/0x230 net/ipv6/ip6_output.c:1964\nRead of size 8 at addr ffff88806dde4858 by task syz.1.380/6530\n\nCPU: 1 UID: 0 PID: 6530 Comm: syz.1.380 Not tainted 6.11.0-rc3-syzkaller-00306-gdf6cbc62cc9b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n <TASK>\n  __dump_stack lib/dump_stack.c:93 [inline]\n  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n  print_address_description mm/kasan/report.c:377 [inline]\n  print_report+0x169/0x550 mm/kasan/report.c:488\n  kasan_report+0x143/0x180 mm/kasan/report.c:601\n  ip6_send_skb+0x18d/0x230 net/ipv6/ip6_output.c:1964\n  rawv6_push_pending_frames+0x75c/0x9e0 net/ipv6/raw.c:588\n  rawv6_sendmsg+0x19c7/0x23c0 net/ipv6/raw.c:926\n  sock_sendmsg_nosec net/socket.c:730 [inline]\n  __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n  sock_write_iter+0x2dd/0x400 net/socket.c:1160\n do_iter_readv_writev+0x60a/0x890\n  vfs_writev+0x37c/0xbb0 fs/read_write.c:971\n  do_writev+0x1b1/0x350 fs/read_write.c:1018\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f936bf79e79\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f936cd7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: 00007f936c115f80 RCX: 00007f936bf79e79\nRDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000004\nRBP: 00007f936bfe7916 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f936c115f80 R15: 00007fff2860a7a8\n </TASK>\n\nAllocated by task 6530:\n  kasan_save_stack mm/kasan/common.c:47 [inline]\n  kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n  unpoison_slab_object mm/kasan/common.c:312 [inline]\n  __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:338\n  kasan_slab_alloc include/linux/kasan.h:201 [inline]\n  slab_post_alloc_hook mm/slub.c:3988 [inline]\n  slab_alloc_node mm/slub.c:4037 [inline]\n  kmem_cache_alloc_noprof+0x135/0x2a0 mm/slub.c:4044\n  dst_alloc+0x12b/0x190 net/core/dst.c:89\n  ip6_blackhole_route+0x59/0x340 net/ipv6/route.c:2670\n  make_blackhole net/xfrm/xfrm_policy.c:3120 [inline]\n  xfrm_lookup_route+0xd1/0x1c0 net/xfrm/xfrm_policy.c:3313\n  ip6_dst_lookup_flow+0x13e/0x180 net/ipv6/ip6_output.c:1257\n  rawv6_sendmsg+0x1283/0x23c0 net/ipv6/raw.c:898\n  sock_sendmsg_nosec net/socket.c:730 [inline]\n  __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n  ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n  ___sys_sendmsg net/socket.c:2651 [inline]\n  __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 45:\n  kasan_save_stack mm/kasan/common.c:47 [inline]\n  kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n  kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\n  poison_slab_object+0xe0/0x150 mm/kasan/common.c:240\n  __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256\n  kasan_slab_free include/linux/kasan.h:184 [inline]\n  slab_free_hook mm/slub.c:2252 [inline]\n  slab_free mm/slub.c:4473 [inline]\n  kmem_cache_free+0x145/0x350 mm/slub.c:4548\n  dst_destroy+0x2ac/0x460 net/core/dst.c:124\n  rcu_do_batch kernel/rcu/tree.c:2569 [inline]\n  rcu_core+0xafd/0x1830 kernel/rcu/tree.\n---truncated---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44987",
               url: "https://www.suse.com/security/cve/CVE-2024-44987",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230185 for CVE-2024-44987",
               url: "https://bugzilla.suse.com/1230185",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44987",
      },
      {
         cve: "CVE-2024-44988",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44988",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: Fix out-of-bound access\n\nIf an ATU violation was caused by a CPU Load operation, the SPID could\nbe larger than DSA_MAX_PORTS (the size of mv88e6xxx_chip.ports[] array).",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44988",
               url: "https://www.suse.com/security/cve/CVE-2024-44988",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230192 for CVE-2024-44988",
               url: "https://bugzilla.suse.com/1230192",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44988",
      },
      {
         cve: "CVE-2024-44989",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44989",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix xfrm real_dev null pointer dereference\n\nWe shouldn't set real_dev to NULL because packets can be in transit and\nxfrm might call xdo_dev_offload_ok() in parallel. All callbacks assume\nreal_dev is set.\n\n Example trace:\n kernel: BUG: unable to handle page fault for address: 0000000000001030\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: #PF: supervisor write access in kernel mode\n kernel: #PF: error_code(0x0002) - not-present page\n kernel: PGD 0 P4D 0\n kernel: Oops: 0002 [#1] PREEMPT SMP\n kernel: CPU: 4 PID: 2237 Comm: ping Not tainted 6.7.7+ #12\n kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n kernel: RIP: 0010:nsim_ipsec_offload_ok+0xc/0x20 [netdevsim]\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel: Code: e0 0f 0b 48 83 7f 38 00 74 de 0f 0b 48 8b 47 08 48 8b 37 48 8b 78 40 e9 b2 e5 9a d7 66 90 0f 1f 44 00 00 48 8b 86 80 02 00 00 <83> 80 30 10 00 00 01 b8 01 00 00 00 c3 0f 1f 80 00 00 00 00 0f 1f\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: RSP: 0018:ffffabde81553b98 EFLAGS: 00010246\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel:\n kernel: RAX: 0000000000000000 RBX: ffff9eb404e74900 RCX: ffff9eb403d97c60\n kernel: RDX: ffffffffc090de10 RSI: ffff9eb404e74900 RDI: ffff9eb3c5de9e00\n kernel: RBP: ffff9eb3c0a42000 R08: 0000000000000010 R09: 0000000000000014\n kernel: R10: 7974203030303030 R11: 3030303030303030 R12: 0000000000000000\n kernel: R13: ffff9eb3c5de9e00 R14: ffffabde81553cc8 R15: ffff9eb404c53000\n kernel: FS:  00007f2a77a3ad00(0000) GS:ffff9eb43bd00000(0000) knlGS:0000000000000000\n kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 0000000000001030 CR3: 00000001122ab000 CR4: 0000000000350ef0\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel: Call Trace:\n kernel:  <TASK>\n kernel:  ? __die+0x1f/0x60\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel:  ? page_fault_oops+0x142/0x4c0\n kernel:  ? do_user_addr_fault+0x65/0x670\n kernel:  ? kvm_read_and_reset_apf_flags+0x3b/0x50\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel:  ? exc_page_fault+0x7b/0x180\n kernel:  ? asm_exc_page_fault+0x22/0x30\n kernel:  ? nsim_bpf_uninit+0x50/0x50 [netdevsim]\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel:  ? nsim_ipsec_offload_ok+0xc/0x20 [netdevsim]\n kernel: bond0: (slave eni0np1): making interface the new active one\n kernel:  bond_ipsec_offload_ok+0x7b/0x90 [bonding]\n kernel:  xfrm_output+0x61/0x3b0\n kernel: bond0: (slave eni0np1): bond_ipsec_add_sa_all: failed to add SA\n kernel:  ip_push_pending_frames+0x56/0x80",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44989",
               url: "https://www.suse.com/security/cve/CVE-2024-44989",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230193 for CVE-2024-44989",
               url: "https://bugzilla.suse.com/1230193",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44989",
      },
      {
         cve: "CVE-2024-44990",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44990",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix null pointer deref in bond_ipsec_offload_ok\n\nWe must check if there is an active slave before dereferencing the pointer.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44990",
               url: "https://www.suse.com/security/cve/CVE-2024-44990",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230194 for CVE-2024-44990",
               url: "https://bugzilla.suse.com/1230194",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44990",
      },
      {
         cve: "CVE-2024-44991",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44991",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: prevent concurrent execution of tcp_sk_exit_batch\n\nIts possible that two threads call tcp_sk_exit_batch() concurrently,\nonce from the cleanup_net workqueue, once from a task that failed to clone\na new netns.  In the latter case, error unwinding calls the exit handlers\nin reverse order for the 'failed' netns.\n\ntcp_sk_exit_batch() calls tcp_twsk_purge().\nProblem is that since commit b099ce2602d8 (\"net: Batch inet_twsk_purge\"),\nthis function picks up twsk in any dying netns, not just the one passed\nin via exit_batch list.\n\nThis means that the error unwind of setup_net() can \"steal\" and destroy\ntimewait sockets belonging to the exiting netns.\n\nThis allows the netns exit worker to proceed to call\n\nWARN_ON_ONCE(!refcount_dec_and_test(&net->ipv4.tcp_death_row.tw_refcount));\n\nwithout the expected 1 -> 0 transition, which then splats.\n\nAt same time, error unwind path that is also running inet_twsk_purge()\nwill splat as well:\n\nWARNING: .. at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210\n...\n refcount_dec include/linux/refcount.h:351 [inline]\n inet_twsk_kill+0x758/0x9c0 net/ipv4/inet_timewait_sock.c:70\n inet_twsk_deschedule_put net/ipv4/inet_timewait_sock.c:221\n inet_twsk_purge+0x725/0x890 net/ipv4/inet_timewait_sock.c:304\n tcp_sk_exit_batch+0x1c/0x170 net/ipv4/tcp_ipv4.c:3522\n ops_exit_list+0x128/0x180 net/core/net_namespace.c:178\n setup_net+0x714/0xb40 net/core/net_namespace.c:375\n copy_net_ns+0x2f0/0x670 net/core/net_namespace.c:508\n create_new_namespaces+0x3ea/0xb10 kernel/nsproxy.c:110\n\n... because refcount_dec() of tw_refcount unexpectedly dropped to 0.\n\nThis doesn't seem like an actual bug (no tw sockets got lost and I don't\nsee a use-after-free) but as erroneous trigger of debug check.\n\nAdd a mutex to force strict ordering: the task that calls tcp_twsk_purge()\nblocks other task from doing final _dec_and_test before mutex-owner has\nremoved all tw sockets of dying netns.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44991",
               url: "https://www.suse.com/security/cve/CVE-2024-44991",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230195 for CVE-2024-44991",
               url: "https://bugzilla.suse.com/1230195",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44991",
      },
      {
         cve: "CVE-2024-44997",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44997",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()\n\nWhen there are multiple ap interfaces on one band and with WED on,\nturning the interface down will cause a kernel panic on MT798X.\n\nPreviously, cb_priv was freed in mtk_wed_setup_tc_block() without\nmarking NULL,and mtk_wed_setup_tc_block_cb() didn't check the value, too.\n\nAssign NULL after free cb_priv in mtk_wed_setup_tc_block() and check NULL\nin mtk_wed_setup_tc_block_cb().\n\n----------\nUnable to handle kernel paging request at virtual address 0072460bca32b4f5\nCall trace:\n mtk_wed_setup_tc_block_cb+0x4/0x38\n 0xffffffc0794084bc\n tcf_block_playback_offloads+0x70/0x1e8\n tcf_block_unbind+0x6c/0xc8\n...\n---------",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44997",
               url: "https://www.suse.com/security/cve/CVE-2024-44997",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230232 for CVE-2024-44997",
               url: "https://bugzilla.suse.com/1230232",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44997",
      },
      {
         cve: "CVE-2024-44999",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-44999",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: pull network headers in gtp_dev_xmit()\n\nsyzbot/KMSAN reported use of uninit-value in get_dev_xmit() [1]\n\nWe must make sure the IPv4 or Ipv6 header is pulled in skb->head\nbefore accessing fields in them.\n\nUse pskb_inet_may_pull() to fix this issue.\n\n[1]\nBUG: KMSAN: uninit-value in ipv6_pdp_find drivers/net/gtp.c:220 [inline]\n BUG: KMSAN: uninit-value in gtp_build_skb_ip6 drivers/net/gtp.c:1229 [inline]\n BUG: KMSAN: uninit-value in gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281\n  ipv6_pdp_find drivers/net/gtp.c:220 [inline]\n  gtp_build_skb_ip6 drivers/net/gtp.c:1229 [inline]\n  gtp_dev_xmit+0x1424/0x2540 drivers/net/gtp.c:1281\n  __netdev_start_xmit include/linux/netdevice.h:4913 [inline]\n  netdev_start_xmit include/linux/netdevice.h:4922 [inline]\n  xmit_one net/core/dev.c:3580 [inline]\n  dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3596\n  __dev_queue_xmit+0x358c/0x5610 net/core/dev.c:4423\n  dev_queue_xmit include/linux/netdevice.h:3105 [inline]\n  packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n  packet_snd net/packet/af_packet.c:3145 [inline]\n  packet_sendmsg+0x90e3/0xa3a0 net/packet/af_packet.c:3177\n  sock_sendmsg_nosec net/socket.c:730 [inline]\n  __sock_sendmsg+0x30f/0x380 net/socket.c:745\n  __sys_sendto+0x685/0x830 net/socket.c:2204\n  __do_sys_sendto net/socket.c:2216 [inline]\n  __se_sys_sendto net/socket.c:2212 [inline]\n  __x64_sys_sendto+0x125/0x1d0 net/socket.c:2212\n  x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n  slab_post_alloc_hook mm/slub.c:3994 [inline]\n  slab_alloc_node mm/slub.c:4037 [inline]\n  kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4080\n  kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:583\n  __alloc_skb+0x363/0x7b0 net/core/skbuff.c:674\n  alloc_skb include/linux/skbuff.h:1320 [inline]\n  alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6526\n  sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2815\n  packet_alloc_skb net/packet/af_packet.c:2994 [inline]\n  packet_snd net/packet/af_packet.c:3088 [inline]\n  packet_sendmsg+0x749c/0xa3a0 net/packet/af_packet.c:3177\n  sock_sendmsg_nosec net/socket.c:730 [inline]\n  __sock_sendmsg+0x30f/0x380 net/socket.c:745\n  __sys_sendto+0x685/0x830 net/socket.c:2204\n  __do_sys_sendto net/socket.c:2216 [inline]\n  __se_sys_sendto net/socket.c:2212 [inline]\n  __x64_sys_sendto+0x125/0x1d0 net/socket.c:2212\n  x64_sys_call+0x3799/0x3c10 arch/x86/include/generated/asm/syscalls_64.h:45\n  do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n  do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 7115 Comm: syz.1.515 Not tainted 6.11.0-rc1-syzkaller-00043-g94ede2a3e913 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-44999",
               url: "https://www.suse.com/security/cve/CVE-2024-44999",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230233 for CVE-2024-44999",
               url: "https://bugzilla.suse.com/1230233",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-44999",
      },
      {
         cve: "CVE-2024-45000",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45000",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/netfs/fscache_cookie: add missing \"n_accesses\" check\n\nThis fixes a NULL pointer dereference bug due to a data race which\nlooks like this:\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000008\n  #PF: supervisor read access in kernel mode\n  #PF: error_code(0x0000) - not-present page\n  PGD 0 P4D 0\n  Oops: 0000 [#1] SMP PTI\n  CPU: 33 PID: 16573 Comm: kworker/u97:799 Not tainted 6.8.7-cm4all1-hp+ #43\n  Hardware name: HP ProLiant DL380 Gen9/ProLiant DL380 Gen9, BIOS P89 10/17/2018\n  Workqueue: events_unbound netfs_rreq_write_to_cache_work\n  RIP: 0010:cachefiles_prepare_write+0x30/0xa0\n  Code: 57 41 56 45 89 ce 41 55 49 89 cd 41 54 49 89 d4 55 53 48 89 fb 48 83 ec 08 48 8b 47 08 48 83 7f 10 00 48 89 34 24 48 8b 68 20 <48> 8b 45 08 4c 8b 38 74 45 49 8b 7f 50 e8 4e a9 b0 ff 48 8b 73 10\n  RSP: 0018:ffffb4e78113bde0 EFLAGS: 00010286\n  RAX: ffff976126be6d10 RBX: ffff97615cdb8438 RCX: 0000000000020000\n  RDX: ffff97605e6c4c68 RSI: ffff97605e6c4c60 RDI: ffff97615cdb8438\n  RBP: 0000000000000000 R08: 0000000000278333 R09: 0000000000000001\n  R10: ffff97605e6c4600 R11: 0000000000000001 R12: ffff97605e6c4c68\n  R13: 0000000000020000 R14: 0000000000000001 R15: ffff976064fe2c00\n  FS:  0000000000000000(0000) GS:ffff9776dfd40000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 0000000000000008 CR3: 000000005942c002 CR4: 00000000001706f0\n  Call Trace:\n   <TASK>\n   ? __die+0x1f/0x70\n   ? page_fault_oops+0x15d/0x440\n   ? search_module_extables+0xe/0x40\n   ? fixup_exception+0x22/0x2f0\n   ? exc_page_fault+0x5f/0x100\n   ? asm_exc_page_fault+0x22/0x30\n   ? cachefiles_prepare_write+0x30/0xa0\n   netfs_rreq_write_to_cache_work+0x135/0x2e0\n   process_one_work+0x137/0x2c0\n   worker_thread+0x2e9/0x400\n   ? __pfx_worker_thread+0x10/0x10\n   kthread+0xcc/0x100\n   ? __pfx_kthread+0x10/0x10\n   ret_from_fork+0x30/0x50\n   ? __pfx_kthread+0x10/0x10\n   ret_from_fork_asm+0x1b/0x30\n   </TASK>\n  Modules linked in:\n  CR2: 0000000000000008\n  ---[ end trace 0000000000000000 ]---\n\nThis happened because fscache_cookie_state_machine() was slow and was\nstill running while another process invoked fscache_unuse_cookie();\nthis led to a fscache_cookie_lru_do_one() call, setting the\nFSCACHE_COOKIE_DO_LRU_DISCARD flag, which was picked up by\nfscache_cookie_state_machine(), withdrawing the cookie via\ncachefiles_withdraw_cookie(), clearing cookie->cache_priv.\n\nAt the same time, yet another process invoked\ncachefiles_prepare_write(), which found a NULL pointer in this code\nline:\n\n  struct cachefiles_object *object = cachefiles_cres_object(cres);\n\nThe next line crashes, obviously:\n\n  struct cachefiles_cache *cache = object->volume->cache;\n\nDuring cachefiles_prepare_write(), the \"n_accesses\" counter is\nnon-zero (via fscache_begin_operation()).  The cookie must not be\nwithdrawn until it drops to zero.\n\nThe counter is checked by fscache_cookie_state_machine() before\nswitching to FSCACHE_COOKIE_STATE_RELINQUISHING and\nFSCACHE_COOKIE_STATE_WITHDRAWING (in \"case\nFSCACHE_COOKIE_STATE_FAILED\"), but not for\nFSCACHE_COOKIE_STATE_LRU_DISCARDING (\"case\nFSCACHE_COOKIE_STATE_ACTIVE\").\n\nThis patch adds the missing check.  With a non-zero access counter,\nthe function returns and the next fscache_end_cookie_access() call\nwill queue another fscache_cookie_state_machine() call to handle the\nstill-pending FSCACHE_COOKIE_DO_LRU_DISCARD.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45000",
               url: "https://www.suse.com/security/cve/CVE-2024-45000",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230170 for CVE-2024-45000",
               url: "https://bugzilla.suse.com/1230170",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45000",
      },
      {
         cve: "CVE-2024-45001",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45001",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix RX buf alloc_size alignment and atomic op panic\n\nThe MANA driver's RX buffer alloc_size is passed into napi_build_skb() to\ncreate SKB. skb_shinfo(skb) is located at the end of skb, and its alignment\nis affected by the alloc_size passed into napi_build_skb(). The size needs\nto be aligned properly for better performance and atomic operations.\nOtherwise, on ARM64 CPU, for certain MTU settings like 4000, atomic\noperations may panic on the skb_shinfo(skb)->dataref due to alignment fault.\n\nTo fix this bug, add proper alignment to the alloc_size calculation.\n\nSample panic info:\n[  253.298819] Unable to handle kernel paging request at virtual address ffff000129ba5cce\n[  253.300900] Mem abort info:\n[  253.301760]   ESR = 0x0000000096000021\n[  253.302825]   EC = 0x25: DABT (current EL), IL = 32 bits\n[  253.304268]   SET = 0, FnV = 0\n[  253.305172]   EA = 0, S1PTW = 0\n[  253.306103]   FSC = 0x21: alignment fault\nCall trace:\n __skb_clone+0xfc/0x198\n skb_clone+0x78/0xe0\n raw6_local_deliver+0xfc/0x228\n ip6_protocol_deliver_rcu+0x80/0x500\n ip6_input_finish+0x48/0x80\n ip6_input+0x48/0xc0\n ip6_sublist_rcv_finish+0x50/0x78\n ip6_sublist_rcv+0x1cc/0x2b8\n ipv6_list_rcv+0x100/0x150\n __netif_receive_skb_list_core+0x180/0x220\n netif_receive_skb_list_internal+0x198/0x2a8\n __napi_poll+0x138/0x250\n net_rx_action+0x148/0x330\n handle_softirqs+0x12c/0x3a0",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45001",
               url: "https://www.suse.com/security/cve/CVE-2024-45001",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230244 for CVE-2024-45001",
               url: "https://bugzilla.suse.com/1230244",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45001",
      },
      {
         cve: "CVE-2024-45002",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45002",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nrtla/osnoise: Prevent NULL dereference in error handling\n\nIf the \"tool->data\" allocation fails then there is no need to call\nosnoise_free_top() and, in fact, doing so will lead to a NULL dereference.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45002",
               url: "https://www.suse.com/security/cve/CVE-2024-45002",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230169 for CVE-2024-45002",
               url: "https://bugzilla.suse.com/1230169",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45002",
      },
      {
         cve: "CVE-2024-45005",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45005",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: s390: fix validity interception issue when gisa is switched off\n\nWe might run into a SIE validity if gisa has been disabled either via using\nkernel parameter \"kvm.use_gisa=0\" or by setting the related sysfs\nattribute to N (echo N >/sys/module/kvm/parameters/use_gisa).\n\nThe validity is caused by an invalid value in the SIE control block's\ngisa designation. That happens because we pass the uninitialized gisa\norigin to virt_to_phys() before writing it to the gisa designation.\n\nTo fix this we return 0 in kvm_s390_get_gisa_desc() if the origin is 0.\nkvm_s390_get_gisa_desc() is used to determine which gisa designation to\nset in the SIE control block. A value of 0 in the gisa designation disables\ngisa usage.\n\nThe issue surfaces in the host kernel with the following kernel message as\nsoon a new kvm guest start is attemted.\n\nkvm: unhandled validity intercept 0x1011\nWARNING: CPU: 0 PID: 781237 at arch/s390/kvm/intercept.c:101 kvm_handle_sie_intercept+0x42e/0x4d0 [kvm]\nModules linked in: vhost_net tap tun xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT xt_tcpudp nft_compat x_tables nf_nat_tftp nf_conntrack_tftp vfio_pci_core irqbypass vhost_vsock vmw_vsock_virtio_transport_common vsock vhost vhost_iotlb kvm nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables sunrpc mlx5_ib ib_uverbs ib_core mlx5_core uvdevice s390_trng eadm_sch vfio_ccw zcrypt_cex4 mdev vfio_iommu_type1 vfio sch_fq_codel drm i2c_core loop drm_panel_orientation_quirks configfs nfnetlink lcs ctcm fsm dm_service_time ghash_s390 prng chacha_s390 libchacha aes_s390 des_s390 libdes sha3_512_s390 sha3_256_s390 sha512_s390 sha256_s390 sha1_s390 sha_common dm_mirror dm_region_hash dm_log zfcp scsi_transport_fc scsi_dh_rdac scsi_dh_emc scsi_dh_alua pkey zcrypt dm_multipath rng_core autofs4 [last unloaded: vfio_pci]\nCPU: 0 PID: 781237 Comm: CPU 0/KVM Not tainted 6.10.0-08682-gcad9f11498ea #6\nHardware name: IBM 3931 A01 701 (LPAR)\nKrnl PSW : 0704c00180000000 000003d93deb0122 (kvm_handle_sie_intercept+0x432/0x4d0 [kvm])\n           R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3\nKrnl GPRS: 000003d900000027 000003d900000023 0000000000000028 000002cd00000000\n           000002d063a00900 00000359c6daf708 00000000000bebb5 0000000000001eff\n           000002cfd82e9000 000002cfd80bc000 0000000000001011 000003d93deda412\n           000003ff8962df98 000003d93de77ce0 000003d93deb011e 00000359c6daf960\nKrnl Code: 000003d93deb0112: c020fffe7259\tlarl\t%r2,000003d93de7e5c4\n           000003d93deb0118: c0e53fa8beac\tbrasl\t%r14,000003d9bd3c7e70\n          #000003d93deb011e: af000000\t\tmc\t0,0\n          >000003d93deb0122: a728ffea\t\tlhi\t%r2,-22\n           000003d93deb0126: a7f4fe24\t\tbrc\t15,000003d93deafd6e\n           000003d93deb012a: 9101f0b0\t\ttm\t176(%r15),1\n           000003d93deb012e: a774fe48\t\tbrc\t7,000003d93deafdbe\n           000003d93deb0132: 40a0f0ae\t\tsth\t%r10,174(%r15)\nCall Trace:\n [<000003d93deb0122>] kvm_handle_sie_intercept+0x432/0x4d0 [kvm]\n([<000003d93deb011e>] kvm_handle_sie_intercept+0x42e/0x4d0 [kvm])\n [<000003d93deacc10>] vcpu_post_run+0x1d0/0x3b0 [kvm]\n [<000003d93deaceda>] __vcpu_run+0xea/0x2d0 [kvm]\n [<000003d93dead9da>] kvm_arch_vcpu_ioctl_run+0x16a/0x430 [kvm]\n [<000003d93de93ee0>] kvm_vcpu_ioctl+0x190/0x7c0 [kvm]\n [<000003d9bd728b4e>] vfs_ioctl+0x2e/0x70\n [<000003d9bd72a092>] __s390x_sys_ioctl+0xc2/0xd0\n [<000003d9be0e9222>] __do_syscall+0x1f2/0x2e0\n [<000003d9be0f9a90>] system_call+0x70/0x98\nLast Breaking-Event-Address:\n [<000003d9bd3c7f58>] __warn_printk+0xe8/0xf0",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45005",
               url: "https://www.suse.com/security/cve/CVE-2024-45005",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230173 for CVE-2024-45005",
               url: "https://bugzilla.suse.com/1230173",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45005",
      },
      {
         cve: "CVE-2024-45006",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45006",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Fix Panther point NULL pointer deref at full-speed re-enumeration\n\nre-enumerating full-speed devices after a failed address device command\ncan trigger a NULL pointer dereference.\n\nFull-speed devices may need to reconfigure the endpoint 0 Max Packet Size\nvalue during enumeration. Usb core calls usb_ep0_reinit() in this case,\nwhich ends up calling xhci_configure_endpoint().\n\nOn Panther point xHC the xhci_configure_endpoint() function will\nadditionally check and reserve bandwidth in software. Other hosts do\nthis in hardware\n\nIf xHC address device command fails then a new xhci_virt_device structure\nis allocated as part of re-enabling the slot, but the bandwidth table\npointers are not set up properly here.\nThis triggers the NULL pointer dereference the next time usb_ep0_reinit()\nis called and xhci_configure_endpoint() tries to check and reserve\nbandwidth\n\n[46710.713538] usb 3-1: new full-speed USB device number 5 using xhci_hcd\n[46710.713699] usb 3-1: Device not responding to setup address.\n[46710.917684] usb 3-1: Device not responding to setup address.\n[46711.125536] usb 3-1: device not accepting address 5, error -71\n[46711.125594] BUG: kernel NULL pointer dereference, address: 0000000000000008\n[46711.125600] #PF: supervisor read access in kernel mode\n[46711.125603] #PF: error_code(0x0000) - not-present page\n[46711.125606] PGD 0 P4D 0\n[46711.125610] Oops: Oops: 0000 [#1] PREEMPT SMP PTI\n[46711.125615] CPU: 1 PID: 25760 Comm: kworker/1:2 Not tainted 6.10.3_2 #1\n[46711.125620] Hardware name: Gigabyte Technology Co., Ltd.\n[46711.125623] Workqueue: usb_hub_wq hub_event [usbcore]\n[46711.125668] RIP: 0010:xhci_reserve_bandwidth (drivers/usb/host/xhci.c\n\nFix this by making sure bandwidth table pointers are set up correctly\nafter a failed address device command, and additionally by avoiding\nchecking for bandwidth in cases like this where no actual endpoints are\nadded or removed, i.e. only context for default control endpoint 0 is\nevaluated.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45006",
               url: "https://www.suse.com/security/cve/CVE-2024-45006",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230247 for CVE-2024-45006",
               url: "https://bugzilla.suse.com/1230247",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45006",
      },
      {
         cve: "CVE-2024-45007",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45007",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nchar: xillybus: Don't destroy workqueue from work item running on it\n\nTriggered by a kref decrement, destroy_workqueue() may be called from\nwithin a work item for destroying its own workqueue. This illegal\nsituation is averted by adding a module-global workqueue for exclusive\nuse of the offending work item. Other work items continue to be queued\non per-device workqueues to ensure performance.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45007",
               url: "https://www.suse.com/security/cve/CVE-2024-45007",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230175 for CVE-2024-45007",
               url: "https://bugzilla.suse.com/1230175",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45007",
      },
      {
         cve: "CVE-2024-45008",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45008",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: MT - limit max slots\n\nsyzbot is reporting too large allocation at input_mt_init_slots(), for\nnum_slots is supplied from userspace using ioctl(UI_DEV_CREATE).\n\nSince nobody knows possible max slots, this patch chose 1024.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45008",
               url: "https://www.suse.com/security/cve/CVE-2024-45008",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230248 for CVE-2024-45008",
               url: "https://bugzilla.suse.com/1230248",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45008",
      },
      {
         cve: "CVE-2024-45011",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45011",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nchar: xillybus: Check USB endpoints when probing device\n\nEnsure, as the driver probes the device, that all endpoints that the\ndriver may attempt to access exist and are of the correct type.\n\nAll XillyUSB devices must have a Bulk IN and Bulk OUT endpoint at\naddress 1. This is verified in xillyusb_setup_base_eps().\n\nOn top of that, a XillyUSB device may have additional Bulk OUT\nendpoints. The information about these endpoints' addresses is deduced\nfrom a data structure (the IDT) that the driver fetches from the device\nwhile probing it. These endpoints are checked in setup_channels().\n\nA XillyUSB device never has more than one IN endpoint, as all data\ntowards the host is multiplexed in this single Bulk IN endpoint. This is\nwhy setup_channels() only checks OUT endpoints.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45011",
               url: "https://www.suse.com/security/cve/CVE-2024-45011",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230440 for CVE-2024-45011",
               url: "https://bugzilla.suse.com/1230440",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45011",
      },
      {
         cve: "CVE-2024-45012",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45012",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/firmware: use dma non-coherent allocator\n\nCurrently, enabling SG_DEBUG in the kernel will cause nouveau to hit a\nBUG() on startup, when the iommu is enabled:\n\nkernel BUG at include/linux/scatterlist.h:187!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 7 PID: 930 Comm: (udev-worker) Not tainted 6.9.0-rc3Lyude-Test+ #30\nHardware name: MSI MS-7A39/A320M GAMING PRO (MS-7A39), BIOS 1.I0 01/22/2019\nRIP: 0010:sg_init_one+0x85/0xa0\nCode: 69 88 32 01 83 e1 03 f6 c3 03 75 20 a8 01 75 1e 48 09 cb 41 89 54\n24 08 49 89 1c 24 41 89 6c 24 0c 5b 5d 41 5c e9 7b b9 88 00 <0f> 0b 0f 0b\n0f 0b 48 8b 05 5e 46 9a 01 eb b2 66 66 2e 0f 1f 84 00\nRSP: 0018:ffffa776017bf6a0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffa77600d87000 RCX: 000000000000002b\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffa77680d87000\nRBP: 000000000000e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffff98f4c46aa508 R11: 0000000000000000 R12: ffff98f4c46aa508\nR13: ffff98f4c46aa008 R14: ffffa77600d4a000 R15: ffffa77600d4a018\nFS:  00007feeb5aae980(0000) GS:ffff98f5c4dc0000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f22cb9a4520 CR3: 00000001043ba000 CR4: 00000000003506f0\nCall Trace:\n <TASK>\n ? die+0x36/0x90\n ? do_trap+0xdd/0x100\n ? sg_init_one+0x85/0xa0\n ? do_error_trap+0x65/0x80\n ? sg_init_one+0x85/0xa0\n ? exc_invalid_op+0x50/0x70\n ? sg_init_one+0x85/0xa0\n ? asm_exc_invalid_op+0x1a/0x20\n ? sg_init_one+0x85/0xa0\n nvkm_firmware_ctor+0x14a/0x250 [nouveau]\n nvkm_falcon_fw_ctor+0x42/0x70 [nouveau]\n ga102_gsp_booter_ctor+0xb4/0x1a0 [nouveau]\n r535_gsp_oneinit+0xb3/0x15f0 [nouveau]\n ? srso_return_thunk+0x5/0x5f\n ? srso_return_thunk+0x5/0x5f\n ? nvkm_udevice_new+0x95/0x140 [nouveau]\n ? srso_return_thunk+0x5/0x5f\n ? srso_return_thunk+0x5/0x5f\n ? ktime_get+0x47/0xb0\n\nFix this by using the non-coherent allocator instead, I think there\nmight be a better answer to this, but it involve ripping up some of\nAPIs using sg lists.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45012",
               url: "https://www.suse.com/security/cve/CVE-2024-45012",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230441 for CVE-2024-45012",
               url: "https://bugzilla.suse.com/1230441",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-45012",
      },
      {
         cve: "CVE-2024-45013",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45013",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: move stopping keep-alive into nvme_uninit_ctrl()\n\nCommit 4733b65d82bd (\"nvme: start keep-alive after admin queue setup\")\nmoves starting keep-alive from nvme_start_ctrl() into\nnvme_init_ctrl_finish(), but don't move stopping keep-alive into\nnvme_uninit_ctrl(), so keep-alive work can be started and keep pending\nafter failing to start controller, finally use-after-free is triggered if\nnvme host driver is unloaded.\n\nThis patch fixes kernel panic when running nvme/004 in case that connection\nfailure is triggered, by moving stopping keep-alive into nvme_uninit_ctrl().\n\nThis way is reasonable because keep-alive is now started in\nnvme_init_ctrl_finish().",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45013",
               url: "https://www.suse.com/security/cve/CVE-2024-45013",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230442 for CVE-2024-45013",
               url: "https://bugzilla.suse.com/1230442",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45013",
      },
      {
         cve: "CVE-2024-45015",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45015",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable()\n\nFor cases where the crtc's connectors_changed was set without enable/active\ngetting toggled , there is an atomic_enable() call followed by an\natomic_disable() but without an atomic_mode_set().\n\nThis results in a NULL ptr access for the dpu_encoder_get_drm_fmt() call in\nthe atomic_enable() as the dpu_encoder's connector was cleared in the\natomic_disable() but not re-assigned as there was no atomic_mode_set() call.\n\nFix the NULL ptr access by moving the assignment for atomic_enable() and also\nuse drm_atomic_get_new_connector_for_encoder() to get the connector from\nthe atomic_state.\n\nPatchwork: https://patchwork.freedesktop.org/patch/606729/",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45015",
               url: "https://www.suse.com/security/cve/CVE-2024-45015",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230444 for CVE-2024-45015",
               url: "https://bugzilla.suse.com/1230444",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45015",
      },
      {
         cve: "CVE-2024-45017",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45017",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix IPsec RoCE MPV trace call\n\nPrevent the call trace below from happening, by not allowing IPsec\ncreation over a slave, if master device doesn't support IPsec.\n\nWARNING: CPU: 44 PID: 16136 at kernel/locking/rwsem.c:240 down_read+0x75/0x94\nModules linked in: esp4_offload esp4 act_mirred act_vlan cls_flower sch_ingress mlx5_vdpa vringh vhost_iotlb vdpa mst_pciconf(OE) nfsv3 nfs_acl nfs lockd grace fscache netfs xt_CHECKSUM xt_MASQUERADE xt_conntrack ipt_REJECT nf_reject_ipv4 nft_compat nft_counter nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 rfkill cuse fuse rpcrdma sunrpc rdma_ucm ib_srpt ib_isert iscsi_target_mod target_core_mod ib_umad ib_iser libiscsi scsi_transport_iscsi rdma_cm ib_ipoib iw_cm ib_cm ipmi_ssif intel_rapl_msr intel_rapl_common amd64_edac edac_mce_amd kvm_amd kvm irqbypass crct10dif_pclmul crc32_pclmul mlx5_ib ghash_clmulni_intel sha1_ssse3 dell_smbios ib_uverbs aesni_intel crypto_simd dcdbas wmi_bmof dell_wmi_descriptor cryptd pcspkr ib_core acpi_ipmi sp5100_tco ccp i2c_piix4 ipmi_si ptdma k10temp ipmi_devintf ipmi_msghandler acpi_power_meter acpi_cpufreq ext4 mbcache jbd2 sd_mod t10_pi sg mgag200 drm_kms_helper syscopyarea sysfillrect mlx5_core sysimgblt fb_sys_fops cec\n ahci libahci mlxfw drm pci_hyperv_intf libata tg3 sha256_ssse3 tls megaraid_sas i2c_algo_bit psample wmi dm_mirror dm_region_hash dm_log dm_mod [last unloaded: mst_pci]\nCPU: 44 PID: 16136 Comm: kworker/44:3 Kdump: loaded Tainted: GOE 5.15.0-20240509.el8uek.uek7_u3_update_v6.6_ipsec_bf.x86_64 #2\nHardware name: Dell Inc. PowerEdge R7525/074H08, BIOS 2.0.3 01/15/2021\nWorkqueue: events xfrm_state_gc_task\nRIP: 0010:down_read+0x75/0x94\nCode: 00 48 8b 45 08 65 48 8b 14 25 80 fc 01 00 83 e0 02 48 09 d0 48 83 c8 01 48 89 45 08 5d 31 c0 89 c2 89 c6 89 c7 e9 cb 88 3b 00 <0f> 0b 48 8b 45 08 a8 01 74 b2 a8 02 75 ae 48 89 c2 48 83 ca 02 f0\nRSP: 0018:ffffb26387773da8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffffa08b658af900 RCX: 0000000000000001\nRDX: 0000000000000000 RSI: ff886bc5e1366f2f RDI: 0000000000000000\nRBP: ffffa08b658af940 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffa0a9bfb31540\nR13: ffffa0a9bfb37900 R14: 0000000000000000 R15: ffffa0a9bfb37905\nFS:  0000000000000000(0000) GS:ffffa0a9bfb00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055a45ed814e8 CR3: 000000109038a000 CR4: 0000000000350ee0\nCall Trace:\n <TASK>\n ? show_trace_log_lvl+0x1d6/0x2f9\n ? show_trace_log_lvl+0x1d6/0x2f9\n ? mlx5_devcom_for_each_peer_begin+0x29/0x60 [mlx5_core]\n ? down_read+0x75/0x94\n ? __warn+0x80/0x113\n ? down_read+0x75/0x94\n ? report_bug+0xa4/0x11d\n ? handle_bug+0x35/0x8b\n ? exc_invalid_op+0x14/0x75\n ? asm_exc_invalid_op+0x16/0x1b\n ? down_read+0x75/0x94\n ? down_read+0xe/0x94\n mlx5_devcom_for_each_peer_begin+0x29/0x60 [mlx5_core]\n mlx5_ipsec_fs_roce_tx_destroy+0xb1/0x130 [mlx5_core]\n tx_destroy+0x1b/0xc0 [mlx5_core]\n tx_ft_put+0x53/0xc0 [mlx5_core]\n mlx5e_xfrm_free_state+0x45/0x90 [mlx5_core]\n ___xfrm_state_destroy+0x10f/0x1a2\n xfrm_state_gc_task+0x81/0xa9\n process_one_work+0x1f1/0x3c6\n worker_thread+0x53/0x3e4\n ? process_one_work.cold+0x46/0x3c\n kthread+0x127/0x144\n ? set_kthread_struct+0x60/0x52\n ret_from_fork+0x22/0x2d\n </TASK>\n---[ end trace 5ef7896144d398e1 ]---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45017",
               url: "https://www.suse.com/security/cve/CVE-2024-45017",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230430 for CVE-2024-45017",
               url: "https://bugzilla.suse.com/1230430",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45017",
      },
      {
         cve: "CVE-2024-45018",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45018",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: initialise extack before use\n\nFix missing initialisation of extack in flow offload.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45018",
               url: "https://www.suse.com/security/cve/CVE-2024-45018",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230431 for CVE-2024-45018",
               url: "https://bugzilla.suse.com/1230431",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45018",
      },
      {
         cve: "CVE-2024-45019",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45019",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Take state lock during tx timeout reporter\n\nmlx5e_safe_reopen_channels() requires the state lock taken. The\nreferenced changed in the Fixes tag removed the lock to fix another\nissue. This patch adds it back but at a later point (when calling\nmlx5e_safe_reopen_channels()) to avoid the deadlock referenced in the\nFixes tag.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45019",
               url: "https://www.suse.com/security/cve/CVE-2024-45019",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230432 for CVE-2024-45019",
               url: "https://bugzilla.suse.com/1230432",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45019",
      },
      {
         cve: "CVE-2024-45020",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45020",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a kernel verifier crash in stacksafe()\n\nDaniel Hodges reported a kernel verifier crash when playing with sched-ext.\nFurther investigation shows that the crash is due to invalid memory access\nin stacksafe(). More specifically, it is the following code:\n\n    if (exact != NOT_EXACT &&\n        old->stack[spi].slot_type[i % BPF_REG_SIZE] !=\n        cur->stack[spi].slot_type[i % BPF_REG_SIZE])\n            return false;\n\nThe 'i' iterates old->allocated_stack.\nIf cur->allocated_stack < old->allocated_stack the out-of-bound\naccess will happen.\n\nTo fix the issue add 'i >= cur->allocated_stack' check such that if\nthe condition is true, stacksafe() should fail. Otherwise,\ncur->stack[spi].slot_type[i % BPF_REG_SIZE] memory access is legal.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45020",
               url: "https://www.suse.com/security/cve/CVE-2024-45020",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230433 for CVE-2024-45020",
               url: "https://bugzilla.suse.com/1230433",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45020",
      },
      {
         cve: "CVE-2024-45021",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45021",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmemcg_write_event_control(): fix a user-triggerable oops\n\nwe are *not* guaranteed that anything past the terminating NUL\nis mapped (let alone initialized with anything sane).",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45021",
               url: "https://www.suse.com/security/cve/CVE-2024-45021",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230434 for CVE-2024-45021",
               url: "https://bugzilla.suse.com/1230434",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45021",
      },
      {
         cve: "CVE-2024-45022",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45022",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0\n\nThe __vmap_pages_range_noflush() assumes its argument pages** contains\npages with the same page shift.  However, since commit e9c3cda4d86e (\"mm,\nvmalloc: fix high order __GFP_NOFAIL allocations\"), if gfp_flags includes\n__GFP_NOFAIL with high order in vm_area_alloc_pages() and page allocation\nfailed for high order, the pages** may contain two different page shifts\n(high order and order-0).  This could lead __vmap_pages_range_noflush() to\nperform incorrect mappings, potentially resulting in memory corruption.\n\nUsers might encounter this as follows (vmap_allow_huge = true, 2M is for\nPMD_SIZE):\n\nkvmalloc(2M, __GFP_NOFAIL|GFP_X)\n    __vmalloc_node_range_noprof(vm_flags=VM_ALLOW_HUGE_VMAP)\n        vm_area_alloc_pages(order=9) ---> order-9 allocation failed and fallback to order-0\n            vmap_pages_range()\n                vmap_pages_range_noflush()\n                    __vmap_pages_range_noflush(page_shift = 21) ----> wrong mapping happens\n\nWe can remove the fallback code because if a high-order allocation fails,\n__vmalloc_node_range_noprof() will retry with order-0.  Therefore, it is\nunnecessary to fallback to order-0 here.  Therefore, fix this by removing\nthe fallback code.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45022",
               url: "https://www.suse.com/security/cve/CVE-2024-45022",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230435 for CVE-2024-45022",
               url: "https://bugzilla.suse.com/1230435",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45022",
      },
      {
         cve: "CVE-2024-45023",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45023",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix data corruption for degraded array with slow disk\n\nread_balance() will avoid reading from slow disks as much as possible,\nhowever, if valid data only lands in slow disks, and a new normal disk\nis still in recovery, unrecovered data can be read:\n\nraid1_read_request\n read_balance\n  raid1_should_read_first\n  -> return false\n  choose_best_rdev\n  -> normal disk is not recovered, return -1\n  choose_bb_rdev\n  -> missing the checking of recovery, return the normal disk\n -> read unrecovered data\n\nRoot cause is that the checking of recovery is missing in\nchoose_bb_rdev(). Hence add such checking to fix the problem.\n\nAlso fix similar problem in choose_slow_rdev().",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45023",
               url: "https://www.suse.com/security/cve/CVE-2024-45023",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230455 for CVE-2024-45023",
               url: "https://bugzilla.suse.com/1230455",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45023",
      },
      {
         cve: "CVE-2024-45026",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45026",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix error recovery leading to data corruption on ESE devices\n\nExtent Space Efficient (ESE) or thin provisioned volumes need to be\nformatted on demand during usual IO processing.\n\nThe dasd_ese_needs_format function checks for error codes that signal\nthe non existence of a proper track format.\n\nThe check for incorrect length is to imprecise since other error cases\nleading to transport of insufficient data also have this flag set.\nThis might lead to data corruption in certain error cases for example\nduring a storage server warmstart.\n\nFix by removing the check for incorrect length and replacing by\nexplicitly checking for invalid track format in transport mode.\n\nAlso remove the check for file protected since this is not a valid\nESE handling case.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45026",
               url: "https://www.suse.com/security/cve/CVE-2024-45026",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230454 for CVE-2024-45026",
               url: "https://bugzilla.suse.com/1230454",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45026",
      },
      {
         cve: "CVE-2024-45028",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45028",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: mmc_test: Fix NULL dereference on allocation failure\n\nIf the \"test->highmem = alloc_pages()\" allocation fails then calling\n__free_pages(test->highmem) will result in a NULL dereference.  Also\nchange the error code to -ENOMEM instead of returning success.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45028",
               url: "https://www.suse.com/security/cve/CVE-2024-45028",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230450 for CVE-2024-45028",
               url: "https://bugzilla.suse.com/1230450",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45028",
      },
      {
         cve: "CVE-2024-45029",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45029",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: tegra: Do not mark ACPI devices as irq safe\n\nOn ACPI machines, the tegra i2c module encounters an issue due to a\nmutex being called inside a spinlock. This leads to the following bug:\n\n\tBUG: sleeping function called from invalid context at kernel/locking/mutex.c:585\n\t...\n\n\tCall trace:\n\t__might_sleep\n\t__mutex_lock_common\n\tmutex_lock_nested\n\tacpi_subsys_runtime_resume\n\trpm_resume\n\ttegra_i2c_xfer\n\nThe problem arises because during __pm_runtime_resume(), the spinlock\n&dev->power.lock is acquired before rpm_resume() is called. Later,\nrpm_resume() invokes acpi_subsys_runtime_resume(), which relies on\nmutexes, triggering the error.\n\nTo address this issue, devices on ACPI are now marked as not IRQ-safe,\nconsidering the dependency of acpi_subsys_runtime_resume() on mutexes.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45029",
               url: "https://www.suse.com/security/cve/CVE-2024-45029",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230451 for CVE-2024-45029",
               url: "https://bugzilla.suse.com/1230451",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45029",
      },
      {
         cve: "CVE-2024-45030",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-45030",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: cope with large MAX_SKB_FRAGS\n\nSabrina reports that the igb driver does not cope well with large\nMAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload\ncorruption on TX.\n\nAn easy reproducer is to run ssh to connect to the machine.  With\nMAX_SKB_FRAGS=17 it works, with MAX_SKB_FRAGS=45 it fails.  This has\nbeen reported originally in\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2265320\n\nThe root cause of the issue is that the driver does not take into\naccount properly the (possibly large) shared info size when selecting\nthe ring layout, and will try to fit two packets inside the same 4K\npage even when the 1st fraglist will trump over the 2nd head.\n\nAddress the issue by checking if 2K buffers are insufficient.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-45030",
               url: "https://www.suse.com/security/cve/CVE-2024-45030",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230457 for CVE-2024-45030",
               url: "https://bugzilla.suse.com/1230457",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-45030",
      },
      {
         cve: "CVE-2024-46672",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46672",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion\n\nwpa_supplicant 2.11 sends since 1efdba5fdc2c (\"Handle PMKSA flush in the\ndriver for SAE/OWE offload cases\") SSID based PMKSA del commands.\nbrcmfmac is not prepared and tries to dereference the NULL bssid and\npmkid pointers in cfg80211_pmksa. PMKID_V3 operations support SSID based\nupdates so copy the SSID.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46672",
               url: "https://www.suse.com/security/cve/CVE-2024-46672",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230459 for CVE-2024-46672",
               url: "https://bugzilla.suse.com/1230459",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46672",
      },
      {
         cve: "CVE-2024-46673",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46673",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: aacraid: Fix double-free on probe failure\n\naac_probe_one() calls hardware-specific init functions through the\naac_driver_ident::init pointer, all of which eventually call down to\naac_init_adapter().\n\nIf aac_init_adapter() fails after allocating memory for aac_dev::queues,\nit frees the memory but does not clear that member.\n\nAfter the hardware-specific init function returns an error,\naac_probe_one() goes down an error path that frees the memory pointed to\nby aac_dev::queues, resulting.in a double-free.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46673",
               url: "https://www.suse.com/security/cve/CVE-2024-46673",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230506 for CVE-2024-46673",
               url: "https://bugzilla.suse.com/1230506",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46673",
      },
      {
         cve: "CVE-2024-46674",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46674",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: st: fix probed platform device ref count on probe error path\n\nThe probe function never performs any paltform device allocation, thus\nerror path \"undo_platform_dev_alloc\" is entirely bogus.  It drops the\nreference count from the platform device being probed.  If error path is\ntriggered, this will lead to unbalanced device reference counts and\npremature release of device resources, thus possible use-after-free when\nreleasing remaining devm-managed resources.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46674",
               url: "https://www.suse.com/security/cve/CVE-2024-46674",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230507 for CVE-2024-46674",
               url: "https://bugzilla.suse.com/1230507",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230599 for CVE-2024-46674",
               url: "https://bugzilla.suse.com/1230599",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "important",
            },
         ],
         title: "CVE-2024-46674",
      },
      {
         cve: "CVE-2024-46675",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46675",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: core: Prevent USB core invalid event buffer address access\n\nThis commit addresses an issue where the USB core could access an\ninvalid event buffer address during runtime suspend, potentially causing\nSMMU faults and other memory issues in Exynos platforms. The problem\narises from the following sequence.\n        1. In dwc3_gadget_suspend, there is a chance of a timeout when\n        moving the USB core to the halt state after clearing the\n        run/stop bit by software.\n        2. In dwc3_core_exit, the event buffer is cleared regardless of\n        the USB core's status, which may lead to an SMMU faults and\n        other memory issues. if the USB core tries to access the event\n        buffer address.\n\nTo prevent this hardware quirk on Exynos platforms, this commit ensures\nthat the event buffer address is not cleared by software  when the USB\ncore is active during runtime suspend by checking its status before\nclearing the buffer address.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46675",
               url: "https://www.suse.com/security/cve/CVE-2024-46675",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230533 for CVE-2024-46675",
               url: "https://bugzilla.suse.com/1230533",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46675",
      },
      {
         cve: "CVE-2024-46676",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46676",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: pn533: Add poll mod list filling check\n\nIn case of im_protocols value is 1 and tm_protocols value is 0 this\ncombination successfully passes the check\n'if (!im_protocols && !tm_protocols)' in the nfc_start_poll().\nBut then after pn533_poll_create_mod_list() call in pn533_start_poll()\npoll mod list will remain empty and dev->poll_mod_count will remain 0\nwhich lead to division by zero.\n\nNormally no im protocol has value 1 in the mask, so this combination is\nnot expected by driver. But these protocol values actually come from\nuserspace via Netlink interface (NFC_CMD_START_POLL operation). So a\nbroken or malicious program may pass a message containing a \"bad\"\ncombination of protocol parameter values so that dev->poll_mod_count\nis not incremented inside pn533_poll_create_mod_list(), thus leading\nto division by zero.\nCall trace looks like:\nnfc_genl_start_poll()\n  nfc_start_poll()\n    ->start_poll()\n    pn533_start_poll()\n\nAdd poll mod list filling check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46676",
               url: "https://www.suse.com/security/cve/CVE-2024-46676",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230535 for CVE-2024-46676",
               url: "https://bugzilla.suse.com/1230535",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46676",
      },
      {
         cve: "CVE-2024-46677",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46677",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix a potential NULL pointer dereference\n\nWhen sockfd_lookup() fails, gtp_encap_enable_socket() returns a\nNULL pointer, but its callers only check for error pointers thus miss\nthe NULL pointer case.\n\nFix it by returning an error pointer with the error code carried from\nsockfd_lookup().\n\n(I found this bug during code inspection.)",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46677",
               url: "https://www.suse.com/security/cve/CVE-2024-46677",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230549 for CVE-2024-46677",
               url: "https://bugzilla.suse.com/1230549",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46677",
      },
      {
         cve: "CVE-2024-46679",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46679",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: check device is present when getting link settings\n\nA sysfs reader can race with a device reset or removal, attempting to\nread device state when the device is not actually present. eg:\n\n     [exception RIP: qed_get_current_link+17]\n  #8 [ffffb9e4f2907c48] qede_get_link_ksettings at ffffffffc07a994a [qede]\n  #9 [ffffb9e4f2907cd8] __rh_call_get_link_ksettings at ffffffff992b01a3\n #10 [ffffb9e4f2907d38] __ethtool_get_link_ksettings at ffffffff992b04e4\n #11 [ffffb9e4f2907d90] duplex_show at ffffffff99260300\n #12 [ffffb9e4f2907e38] dev_attr_show at ffffffff9905a01c\n #13 [ffffb9e4f2907e50] sysfs_kf_seq_show at ffffffff98e0145b\n #14 [ffffb9e4f2907e68] seq_read at ffffffff98d902e3\n #15 [ffffb9e4f2907ec8] vfs_read at ffffffff98d657d1\n #16 [ffffb9e4f2907f00] ksys_read at ffffffff98d65c3f\n #17 [ffffb9e4f2907f38] do_syscall_64 at ffffffff98a052fb\n\n crash> struct net_device.state ffff9a9d21336000\n    state = 5,\n\nstate 5 is __LINK_STATE_START (0b1) and __LINK_STATE_NOCARRIER (0b100).\nThe device is not present, note lack of __LINK_STATE_PRESENT (0b10).\n\nThis is the same sort of panic as observed in commit 4224cfd7fb65\n(\"net-sysfs: add check for netdevice being present to speed_show\").\n\nThere are many other callers of __ethtool_get_link_ksettings() which\ndon't have a device presence check.\n\nMove this check into ethtool to protect all callers.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46679",
               url: "https://www.suse.com/security/cve/CVE-2024-46679",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230556 for CVE-2024-46679",
               url: "https://bugzilla.suse.com/1230556",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46679",
      },
      {
         cve: "CVE-2024-46685",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46685",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: single: fix potential NULL dereference in pcs_get_function()\n\npinmux_generic_get_function() can return NULL and the pointer 'function'\nwas dereferenced without checking against NULL. Add checking of pointer\n'function' in pcs_get_function().\n\nFound by code review.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46685",
               url: "https://www.suse.com/security/cve/CVE-2024-46685",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230515 for CVE-2024-46685",
               url: "https://bugzilla.suse.com/1230515",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46685",
      },
      {
         cve: "CVE-2024-46686",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46686",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb/client: avoid dereferencing rdata=NULL in smb2_new_read_req()\n\nThis happens when called from SMB2_read() while using rdma\nand reaching the rdma_readwrite_threshold.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46686",
               url: "https://www.suse.com/security/cve/CVE-2024-46686",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230517 for CVE-2024-46686",
               url: "https://bugzilla.suse.com/1230517",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46686",
      },
      {
         cve: "CVE-2024-46687",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46687",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()\n\n[BUG]\nThere is an internal report that KASAN is reporting use-after-free, with\nthe following backtrace:\n\n  BUG: KASAN: slab-use-after-free in btrfs_check_read_bio+0xa68/0xb70 [btrfs]\n  Read of size 4 at addr ffff8881117cec28 by task kworker/u16:2/45\n  CPU: 1 UID: 0 PID: 45 Comm: kworker/u16:2 Not tainted 6.11.0-rc2-next-20240805-default+ #76\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n  Workqueue: btrfs-endio btrfs_end_bio_work [btrfs]\n  Call Trace:\n   dump_stack_lvl+0x61/0x80\n   print_address_description.constprop.0+0x5e/0x2f0\n   print_report+0x118/0x216\n   kasan_report+0x11d/0x1f0\n   btrfs_check_read_bio+0xa68/0xb70 [btrfs]\n   process_one_work+0xce0/0x12a0\n   worker_thread+0x717/0x1250\n   kthread+0x2e3/0x3c0\n   ret_from_fork+0x2d/0x70\n   ret_from_fork_asm+0x11/0x20\n\n  Allocated by task 20917:\n   kasan_save_stack+0x37/0x60\n   kasan_save_track+0x10/0x30\n   __kasan_slab_alloc+0x7d/0x80\n   kmem_cache_alloc_noprof+0x16e/0x3e0\n   mempool_alloc_noprof+0x12e/0x310\n   bio_alloc_bioset+0x3f0/0x7a0\n   btrfs_bio_alloc+0x2e/0x50 [btrfs]\n   submit_extent_page+0x4d1/0xdb0 [btrfs]\n   btrfs_do_readpage+0x8b4/0x12a0 [btrfs]\n   btrfs_readahead+0x29a/0x430 [btrfs]\n   read_pages+0x1a7/0xc60\n   page_cache_ra_unbounded+0x2ad/0x560\n   filemap_get_pages+0x629/0xa20\n   filemap_read+0x335/0xbf0\n   vfs_read+0x790/0xcb0\n   ksys_read+0xfd/0x1d0\n   do_syscall_64+0x6d/0x140\n   entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n  Freed by task 20917:\n   kasan_save_stack+0x37/0x60\n   kasan_save_track+0x10/0x30\n   kasan_save_free_info+0x37/0x50\n   __kasan_slab_free+0x4b/0x60\n   kmem_cache_free+0x214/0x5d0\n   bio_free+0xed/0x180\n   end_bbio_data_read+0x1cc/0x580 [btrfs]\n   btrfs_submit_chunk+0x98d/0x1880 [btrfs]\n   btrfs_submit_bio+0x33/0x70 [btrfs]\n   submit_one_bio+0xd4/0x130 [btrfs]\n   submit_extent_page+0x3ea/0xdb0 [btrfs]\n   btrfs_do_readpage+0x8b4/0x12a0 [btrfs]\n   btrfs_readahead+0x29a/0x430 [btrfs]\n   read_pages+0x1a7/0xc60\n   page_cache_ra_unbounded+0x2ad/0x560\n   filemap_get_pages+0x629/0xa20\n   filemap_read+0x335/0xbf0\n   vfs_read+0x790/0xcb0\n   ksys_read+0xfd/0x1d0\n   do_syscall_64+0x6d/0x140\n   entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n[CAUSE]\nAlthough I cannot reproduce the error, the report itself is good enough\nto pin down the cause.\n\nThe call trace is the regular endio workqueue context, but the\nfree-by-task trace is showing that during btrfs_submit_chunk() we\nalready hit a critical error, and is calling btrfs_bio_end_io() to error\nout.  And the original endio function called bio_put() to free the whole\nbio.\n\nThis means a double freeing thus causing use-after-free, e.g.:\n\n1. Enter btrfs_submit_bio() with a read bio\n   The read bio length is 128K, crossing two 64K stripes.\n\n2. The first run of btrfs_submit_chunk()\n\n2.1 Call btrfs_map_block(), which returns 64K\n2.2 Call btrfs_split_bio()\n    Now there are two bios, one referring to the first 64K, the other\n    referring to the second 64K.\n2.3 The first half is submitted.\n\n3. The second run of btrfs_submit_chunk()\n\n3.1 Call btrfs_map_block(), which by somehow failed\n    Now we call btrfs_bio_end_io() to handle the error\n\n3.2 btrfs_bio_end_io() calls the original endio function\n    Which is end_bbio_data_read(), and it calls bio_put() for the\n    original bio.\n\n    Now the original bio is freed.\n\n4. The submitted first 64K bio finished\n   Now we call into btrfs_check_read_bio() and tries to advance the bio\n   iter.\n   But since the original bio (thus its iter) is already freed, we\n   trigger the above use-after free.\n\n   And even if the memory is not poisoned/corrupted, we will later call\n   the original endio function, causing a double freeing.\n\n[FIX]\nInstead of calling btrfs_bio_end_io(), call btrfs_orig_bbio_end_io(),\nwhich has the extra check on split bios and do the pr\n---truncated---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46687",
               url: "https://www.suse.com/security/cve/CVE-2024-46687",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230518 for CVE-2024-46687",
               url: "https://bugzilla.suse.com/1230518",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46687",
      },
      {
         cve: "CVE-2024-46689",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46689",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: cmd-db: Map shared memory as WC, not WB\n\nLinux does not write into cmd-db region. This region of memory is write\nprotected by XPU. XPU may sometime falsely detect clean cache eviction\nas \"write\" into the write protected region leading to secure interrupt\nwhich causes an endless loop somewhere in Trust Zone.\n\nThe only reason it is working right now is because Qualcomm Hypervisor\nmaps the same region as Non-Cacheable memory in Stage 2 translation\ntables. The issue manifests if we want to use another hypervisor (like\nXen or KVM), which does not know anything about those specific mappings.\n\nChanging the mapping of cmd-db memory from MEMREMAP_WB to MEMREMAP_WT/WC\nremoves dependency on correct mappings in Stage 2 tables. This patch\nfixes the issue by updating the mapping to MEMREMAP_WC.\n\nI tested this on SA8155P with Xen.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46689",
               url: "https://www.suse.com/security/cve/CVE-2024-46689",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230524 for CVE-2024-46689",
               url: "https://bugzilla.suse.com/1230524",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46689",
      },
      {
         cve: "CVE-2024-46691",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46691",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Move unregister out of atomic section\n\nCommit '9329933699b3 (\"soc: qcom: pmic_glink: Make client-lock\nnon-sleeping\")' moved the pmic_glink client list under a spinlock, as it\nis accessed by the rpmsg/glink callback, which in turn is invoked from\nIRQ context.\n\nThis means that ucsi_unregister() is now called from atomic context,\nwhich isn't feasible as it's expecting a sleepable context. An effort is\nunder way to get GLINK to invoke its callbacks in a sleepable context,\nbut until then lets schedule the unregistration.\n\nA side effect of this is that ucsi_unregister() can now happen\nafter the remote processor, and thereby the communication link with it, is\ngone. pmic_glink_send() is amended with a check to avoid the resulting NULL\npointer dereference.\nThis does however result in the user being informed about this error by\nthe following entry in the kernel log:\n\n  ucsi_glink.pmic_glink_ucsi pmic_glink.ucsi.0: failed to send UCSI write request: -5",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46691",
               url: "https://www.suse.com/security/cve/CVE-2024-46691",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230526 for CVE-2024-46691",
               url: "https://bugzilla.suse.com/1230526",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46691",
      },
      {
         cve: "CVE-2024-46692",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46692",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: qcom: scm: Mark get_wq_ctx() as atomic call\n\nCurrently get_wq_ctx() is wrongly configured as a standard call. When two\nSMC calls are in sleep and one SMC wakes up, it calls get_wq_ctx() to\nresume the corresponding sleeping thread. But if get_wq_ctx() is\ninterrupted, goes to sleep and another SMC call is waiting to be allocated\na waitq context, it leads to a deadlock.\n\nTo avoid this get_wq_ctx() must be an atomic call and can't be a standard\nSMC call. Hence mark get_wq_ctx() as a fast call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46692",
               url: "https://www.suse.com/security/cve/CVE-2024-46692",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230520 for CVE-2024-46692",
               url: "https://bugzilla.suse.com/1230520",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46692",
      },
      {
         cve: "CVE-2024-46693",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46693",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pmic_glink: Fix race during initialization\n\nAs pointed out by Stephen Boyd it is possible that during initialization\nof the pmic_glink child drivers, the protection-domain notifiers fires,\nand the associated work is scheduled, before the client registration\nreturns and as a result the local \"client\" pointer has been initialized.\n\nThe outcome of this is a NULL pointer dereference as the \"client\"\npointer is blindly dereferenced.\n\nTimeline provided by Stephen:\n CPU0                               CPU1\n ----                               ----\n ucsi->client = NULL;\n devm_pmic_glink_register_client()\n  client->pdr_notify(client->priv, pg->client_state)\n   pmic_glink_ucsi_pdr_notify()\n    schedule_work(&ucsi->register_work)\n    <schedule away>\n                                    pmic_glink_ucsi_register()\n                                     ucsi_register()\n                                      pmic_glink_ucsi_read_version()\n                                       pmic_glink_ucsi_read()\n                                        pmic_glink_ucsi_read()\n                                         pmic_glink_send(ucsi->client)\n                                         <client is NULL BAD>\n ucsi->client = client // Too late!\n\nThis code is identical across the altmode, battery manager and usci\nchild drivers.\n\nResolve this by splitting the allocation of the \"client\" object and the\nregistration thereof into two operations.\n\nThis only happens if the protection domain registry is populated at the\ntime of registration, which by the introduction of commit '1ebcde047c54\n(\"soc: qcom: add pd-mapper implementation\")' became much more likely.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46693",
               url: "https://www.suse.com/security/cve/CVE-2024-46693",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230521 for CVE-2024-46693",
               url: "https://bugzilla.suse.com/1230521",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46693",
      },
      {
         cve: "CVE-2024-46694",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46694",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: avoid using null object of framebuffer\n\nInstead of using state->fb->obj[0] directly, get object from framebuffer\nby calling drm_gem_fb_get_obj() and return error code when object is\nnull to avoid using null object of framebuffer.\n\n(cherry picked from commit 73dd0ad9e5dad53766ea3e631303430116f834b3)",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46694",
               url: "https://www.suse.com/security/cve/CVE-2024-46694",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230511 for CVE-2024-46694",
               url: "https://bugzilla.suse.com/1230511",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46694",
      },
      {
         cve: "CVE-2024-46695",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46695",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux,smack: don't bypass permissions check in inode_setsecctx hook\n\nMarek Gresko reports that the root user on an NFS client is able to\nchange the security labels on files on an NFS filesystem that is\nexported with root squashing enabled.\n\nThe end of the kerneldoc comment for __vfs_setxattr_noperm() states:\n\n *  This function requires the caller to lock the inode's i_mutex before it\n *  is executed. It also assumes that the caller will make the appropriate\n *  permission checks.\n\nnfsd_setattr() does do permissions checking via fh_verify() and\nnfsd_permission(), but those don't do all the same permissions checks\nthat are done by security_inode_setxattr() and its related LSM hooks do.\n\nSince nfsd_setattr() is the only consumer of security_inode_setsecctx(),\nsimplest solution appears to be to replace the call to\n__vfs_setxattr_noperm() with a call to __vfs_setxattr_locked().  This\nfixes the above issue and has the added benefit of causing nfsd to\nrecall conflicting delegations on a file when a client tries to change\nits security label.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46695",
               url: "https://www.suse.com/security/cve/CVE-2024-46695",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230519 for CVE-2024-46695",
               url: "https://bugzilla.suse.com/1230519",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46695",
      },
      {
         cve: "CVE-2024-46702",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46702",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Mark XDomain as unplugged when router is removed\n\nI noticed that when we do discrete host router NVM upgrade and it gets\nhot-removed from the PCIe side as a result of NVM firmware authentication,\nif there is another host connected with enabled paths we hang in tearing\nthem down. This is due to fact that the Thunderbolt networking driver\nalso tries to cleanup the paths and ends up blocking in\ntb_disconnect_xdomain_paths() waiting for the domain lock.\n\nHowever, at this point we already cleaned the paths in tb_stop() so\nthere is really no need for tb_disconnect_xdomain_paths() to do that\nanymore. Furthermore it already checks if the XDomain is unplugged and\nbails out early so take advantage of that and mark the XDomain as\nunplugged when we remove the parent router.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46702",
               url: "https://www.suse.com/security/cve/CVE-2024-46702",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230589 for CVE-2024-46702",
               url: "https://bugzilla.suse.com/1230589",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46702",
      },
      {
         cve: "CVE-2024-46706",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46706",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: fsl_lpuart: mark last busy before uart_add_one_port\n\nWith \"earlycon initcall_debug=1 loglevel=8\" in bootargs, kernel\nsometimes boot hang. It is because normal console still is not ready,\nbut runtime suspend is called, so early console putchar will hang\nin waiting TRDE set in UARTSTAT.\n\nThe lpuart driver has auto suspend delay set to 3000ms, but during\nuart_add_one_port, a child device serial ctrl will added and probed with\nits pm runtime enabled(see serial_ctrl.c).\nThe runtime suspend call path is:\ndevice_add\n     |-> bus_probe_device\n           |->device_initial_probe\n\t           |->__device_attach\n                         |-> pm_runtime_get_sync(dev->parent);\n\t\t\t |-> pm_request_idle(dev);\n\t\t\t |-> pm_runtime_put(dev->parent);\n\nSo in the end, before normal console ready, the lpuart get runtime\nsuspended. And earlycon putchar will hang.\n\nTo address the issue, mark last busy just after pm_runtime_enable,\nthree seconds is long enough to switch from bootconsole to normal\nconsole.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46706",
               url: "https://www.suse.com/security/cve/CVE-2024-46706",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230580 for CVE-2024-46706",
               url: "https://bugzilla.suse.com/1230580",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-46706",
      },
      {
         cve: "CVE-2024-46707",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46707",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3\n\nOn a system with a GICv3, if a guest hasn't been configured with\nGICv3 and that the host is not capable of GICv2 emulation,\na write to any of the ICC_*SGI*_EL1 registers is trapped to EL2.\n\nWe therefore try to emulate the SGI access, only to hit a NULL\npointer as no private interrupt is allocated (no GIC, remember?).\n\nThe obvious fix is to give the guest what it deserves, in the\nshape of a UNDEF exception.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46707",
               url: "https://www.suse.com/security/cve/CVE-2024-46707",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230582 for CVE-2024-46707",
               url: "https://bugzilla.suse.com/1230582",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46707",
      },
      {
         cve: "CVE-2024-46709",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46709",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix prime with external buffers\n\nMake sure that for external buffers mapping goes through the dma_buf\ninterface instead of trying to access pages directly.\n\nExternal buffers might not provide direct access to readable/writable\npages so to make sure the bo's created from external dma_bufs can be\nread dma_buf interface has to be used.\n\nFixes crashes in IGT's kms_prime with vgem. Regular desktop usage won't\ntrigger this due to the fact that virtual machines will not have\nmultiple GPUs but it enables better test coverage in IGT.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46709",
               url: "https://www.suse.com/security/cve/CVE-2024-46709",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230539 for CVE-2024-46709",
               url: "https://bugzilla.suse.com/1230539",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46709",
      },
      {
         cve: "CVE-2024-46710",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46710",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Prevent unmapping active read buffers\n\nThe kms paths keep a persistent map active to read and compare the cursor\nbuffer. These maps can race with each other in simple scenario where:\na) buffer \"a\" mapped for update\nb) buffer \"a\" mapped for compare\nc) do the compare\nd) unmap \"a\" for compare\ne) update the cursor\nf) unmap \"a\" for update\nAt step \"e\" the buffer has been unmapped and the read contents is bogus.\n\nPrevent unmapping of active read buffers by simply keeping a count of\nhow many paths have currently active maps and unmap only when the count\nreaches 0.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46710",
               url: "https://www.suse.com/security/cve/CVE-2024-46710",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230540 for CVE-2024-46710",
               url: "https://bugzilla.suse.com/1230540",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46710",
      },
      {
         cve: "CVE-2024-46711",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46711",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix ID 0 endp usage after multiple re-creations\n\n'local_addr_used' and 'add_addr_accepted' are decremented for addresses\nnot related to the initial subflow (ID0), because the source and\ndestination addresses of the initial subflows are known from the\nbeginning: they don't count as \"additional local address being used\" or\n\"ADD_ADDR being accepted\".\n\nIt is then required not to increment them when the entrypoint used by\nthe initial subflow is removed and re-added during a connection. Without\nthis modification, this entrypoint cannot be removed and re-added more\nthan once.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46711",
               url: "https://www.suse.com/security/cve/CVE-2024-46711",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230542 for CVE-2024-46711",
               url: "https://bugzilla.suse.com/1230542",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46711",
      },
      {
         cve: "CVE-2024-46714",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46714",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Skip wbscl_set_scaler_filter if filter is null\n\nCallers can pass null in filter (i.e. from returned from the function\nwbscl_get_filter_coeffs_16p) and a null check is added to ensure that is\nnot the case.\n\nThis fixes 4 NULL_RETURNS issues reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46714",
               url: "https://www.suse.com/security/cve/CVE-2024-46714",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230699 for CVE-2024-46714",
               url: "https://bugzilla.suse.com/1230699",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46714",
      },
      {
         cve: "CVE-2024-46715",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46715",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver: iio: add missing checks on iio_info's callback access\n\nSome callbacks from iio_info structure are accessed without any check, so\nif a driver doesn't implement them trying to access the corresponding\nsysfs entries produce a kernel oops such as:\n\n[ 2203.527791] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute\n[...]\n[ 2203.783416] Call trace:\n[ 2203.783429]  iio_read_channel_info_avail from dev_attr_show+0x18/0x48\n[ 2203.789807]  dev_attr_show from sysfs_kf_seq_show+0x90/0x120\n[ 2203.794181]  sysfs_kf_seq_show from seq_read_iter+0xd0/0x4e4\n[ 2203.798555]  seq_read_iter from vfs_read+0x238/0x2a0\n[ 2203.802236]  vfs_read from ksys_read+0xa4/0xd4\n[ 2203.805385]  ksys_read from ret_fast_syscall+0x0/0x54\n[ 2203.809135] Exception stack(0xe0badfa8 to 0xe0badff0)\n[ 2203.812880] dfa0:                   00000003 b6f10f80 00000003 b6eab000 00020000 00000000\n[ 2203.819746] dfc0: 00000003 b6f10f80 7ff00000 00000003 00000003 00000000 00020000 00000000\n[ 2203.826619] dfe0: b6e1bc88 bed80958 b6e1bc94 b6e1bcb0\n[ 2203.830363] Code: bad PC value\n[ 2203.832695] ---[ end trace 0000000000000000 ]---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46715",
               url: "https://www.suse.com/security/cve/CVE-2024-46715",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230700 for CVE-2024-46715",
               url: "https://bugzilla.suse.com/1230700",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46715",
      },
      {
         cve: "CVE-2024-46716",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46716",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor\n\nRemove list_del call in msgdma_chan_desc_cleanup, this should be the role\nof msgdma_free_descriptor. In consequence replace list_add_tail with\nlist_move_tail in msgdma_free_descriptor.\n\nThis fixes the path:\n   msgdma_free_chan_resources -> msgdma_free_descriptors ->\n   msgdma_free_desc_list -> msgdma_free_descriptor\n\nwhich does not correctly free the descriptors as first nodes were not\nremoved from the list.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46716",
               url: "https://www.suse.com/security/cve/CVE-2024-46716",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230715 for CVE-2024-46716",
               url: "https://bugzilla.suse.com/1230715",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-46716",
      },
      {
         cve: "CVE-2024-46717",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46717",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: SHAMPO, Fix incorrect page release\n\nUnder the following conditions:\n1) No skb created yet\n2) header_size == 0 (no SHAMPO header)\n3) header_index + 1 % MLX5E_SHAMPO_WQ_HEADER_PER_PAGE == 0 (this is the\n   last page fragment of a SHAMPO header page)\n\na new skb is formed with a page that is NOT a SHAMPO header page (it\nis a regular data page). Further down in the same function\n(mlx5e_handle_rx_cqe_mpwrq_shampo()), a SHAMPO header page from\nheader_index is released. This is wrong and it leads to SHAMPO header\npages being released more than once.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46717",
               url: "https://www.suse.com/security/cve/CVE-2024-46717",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230719 for CVE-2024-46717",
               url: "https://bugzilla.suse.com/1230719",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46717",
      },
      {
         cve: "CVE-2024-46719",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46719",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix null pointer dereference in trace\n\nucsi_register_altmode checks IS_ERR for the alt pointer and treats\nNULL as valid. When CONFIG_TYPEC_DP_ALTMODE is not enabled,\nucsi_register_displayport returns NULL which causes a NULL pointer\ndereference in trace. Rather than return NULL, call\ntypec_port_register_altmode to register DisplayPort alternate mode\nas a non-controllable mode when CONFIG_TYPEC_DP_ALTMODE is not enabled.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46719",
               url: "https://www.suse.com/security/cve/CVE-2024-46719",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230722 for CVE-2024-46719",
               url: "https://bugzilla.suse.com/1230722",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46719",
      },
      {
         cve: "CVE-2024-46720",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46720",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix dereference after null check\n\ncheck the pointer hive before use.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46720",
               url: "https://www.suse.com/security/cve/CVE-2024-46720",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230724 for CVE-2024-46720",
               url: "https://bugzilla.suse.com/1230724",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46720",
      },
      {
         cve: "CVE-2024-46722",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46722",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix mc_data out-of-bounds read warning\n\nClear warning that read mc_data[i-1] may out-of-bounds.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46722",
               url: "https://www.suse.com/security/cve/CVE-2024-46722",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230712 for CVE-2024-46722",
               url: "https://bugzilla.suse.com/1230712",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46722",
      },
      {
         cve: "CVE-2024-46723",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46723",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix ucode out-of-bounds read warning\n\nClear warning that read ucode[] may out-of-bounds.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46723",
               url: "https://www.suse.com/security/cve/CVE-2024-46723",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230702 for CVE-2024-46723",
               url: "https://bugzilla.suse.com/1230702",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46723",
      },
      {
         cve: "CVE-2024-46724",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46724",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number\n\nCheck the fb_channel_number range to avoid the array out-of-bounds\nread error",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46724",
               url: "https://www.suse.com/security/cve/CVE-2024-46724",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230725 for CVE-2024-46724",
               url: "https://bugzilla.suse.com/1230725",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46724",
      },
      {
         cve: "CVE-2024-46725",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46725",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix out-of-bounds write warning\n\nCheck the ring type value to fix the out-of-bounds\nwrite warning",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46725",
               url: "https://www.suse.com/security/cve/CVE-2024-46725",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230705 for CVE-2024-46725",
               url: "https://bugzilla.suse.com/1230705",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46725",
      },
      {
         cve: "CVE-2024-46726",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46726",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Ensure index calculation will not overflow\n\n[WHY & HOW]\nMake sure vmid0p72_idx, vnom0p8_idx and vmax0p9_idx calculation will\nnever overflow and exceess array size.\n\nThis fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46726",
               url: "https://www.suse.com/security/cve/CVE-2024-46726",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230706 for CVE-2024-46726",
               url: "https://bugzilla.suse.com/1230706",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46726",
      },
      {
         cve: "CVE-2024-46727",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46727",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update\n\n[Why]\nCoverity reports NULL_RETURN warning.\n\n[How]\nAdd otg_master NULL check.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46727",
               url: "https://www.suse.com/security/cve/CVE-2024-46727",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230707 for CVE-2024-46727",
               url: "https://bugzilla.suse.com/1230707",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46727",
      },
      {
         cve: "CVE-2024-46728",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46728",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check index for aux_rd_interval before using\n\naux_rd_interval has size of 7 and should be checked.\n\nThis fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46728",
               url: "https://www.suse.com/security/cve/CVE-2024-46728",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230703 for CVE-2024-46728",
               url: "https://bugzilla.suse.com/1230703",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46728",
      },
      {
         cve: "CVE-2024-46729",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46729",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix incorrect size calculation for loop\n\n[WHY]\nfe_clk_en has size of 5 but sizeof(fe_clk_en) has byte size 20 which is\nlager than the array size.\n\n[HOW]\nDivide byte size 20 by its element size.\n\nThis fixes 2 OVERRUN issues reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46729",
               url: "https://www.suse.com/security/cve/CVE-2024-46729",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230704 for CVE-2024-46729",
               url: "https://bugzilla.suse.com/1230704",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46729",
      },
      {
         cve: "CVE-2024-46730",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46730",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Ensure array index tg_inst won't be -1\n\n[WHY & HOW]\ntg_inst will be a negative if timing_generator_count equals 0, which\nshould be checked before used.\n\nThis fixes 2 OVERRUN issues reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46730",
               url: "https://www.suse.com/security/cve/CVE-2024-46730",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230701 for CVE-2024-46730",
               url: "https://bugzilla.suse.com/1230701",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46730",
      },
      {
         cve: "CVE-2024-46731",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46731",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix the Out-of-bounds read warning\n\nusing index i - 1U may beyond element index\nfor mc_data[] when i = 0.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46731",
               url: "https://www.suse.com/security/cve/CVE-2024-46731",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230709 for CVE-2024-46731",
               url: "https://bugzilla.suse.com/1230709",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46731",
      },
      {
         cve: "CVE-2024-46732",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46732",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign linear_pitch_alignment even for VM\n\n[Description]\nAssign linear_pitch_alignment so we don't cause a divide by 0\nerror in VM environments",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46732",
               url: "https://www.suse.com/security/cve/CVE-2024-46732",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230711 for CVE-2024-46732",
               url: "https://bugzilla.suse.com/1230711",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46732",
      },
      {
         cve: "CVE-2024-46734",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46734",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race between direct IO write and fsync when using same fd\n\nIf we have 2 threads that are using the same file descriptor and one of\nthem is doing direct IO writes while the other is doing fsync, we have a\nrace where we can end up either:\n\n1) Attempt a fsync without holding the inode's lock, triggering an\n   assertion failures when assertions are enabled;\n\n2) Do an invalid memory access from the fsync task because the file private\n   points to memory allocated on stack by the direct IO task and it may be\n   used by the fsync task after the stack was destroyed.\n\nThe race happens like this:\n\n1) A user space program opens a file descriptor with O_DIRECT;\n\n2) The program spawns 2 threads using libpthread for example;\n\n3) One of the threads uses the file descriptor to do direct IO writes,\n   while the other calls fsync using the same file descriptor.\n\n4) Call task A the thread doing direct IO writes and task B the thread\n   doing fsyncs;\n\n5) Task A does a direct IO write, and at btrfs_direct_write() sets the\n   file's private to an on stack allocated private with the member\n   'fsync_skip_inode_lock' set to true;\n\n6) Task B enters btrfs_sync_file() and sees that there's a private\n   structure associated to the file which has 'fsync_skip_inode_lock' set\n   to true, so it skips locking the inode's VFS lock;\n\n7) Task A completes the direct IO write, and resets the file's private to\n   NULL since it had no prior private and our private was stack allocated.\n   Then it unlocks the inode's VFS lock;\n\n8) Task B enters btrfs_get_ordered_extents_for_logging(), then the\n   assertion that checks the inode's VFS lock is held fails, since task B\n   never locked it and task A has already unlocked it.\n\nThe stack trace produced is the following:\n\n   assertion failed: inode_is_locked(&inode->vfs_inode), in fs/btrfs/ordered-data.c:983\n   ------------[ cut here ]------------\n   kernel BUG at fs/btrfs/ordered-data.c:983!\n   Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI\n   CPU: 9 PID: 5072 Comm: worker Tainted: G     U     OE      6.10.5-1-default #1 openSUSE Tumbleweed 69f48d427608e1c09e60ea24c6c55e2ca1b049e8\n   Hardware name: Acer Predator PH315-52/Covini_CFS, BIOS V1.12 07/28/2020\n   RIP: 0010:btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs]\n   Code: 50 d6 86 c0 e8 (...)\n   RSP: 0018:ffff9e4a03dcfc78 EFLAGS: 00010246\n   RAX: 0000000000000054 RBX: ffff9078a9868e98 RCX: 0000000000000000\n   RDX: 0000000000000000 RSI: ffff907dce4a7800 RDI: ffff907dce4a7800\n   RBP: ffff907805518800 R08: 0000000000000000 R09: ffff9e4a03dcfb38\n   R10: ffff9e4a03dcfb30 R11: 0000000000000003 R12: ffff907684ae7800\n   R13: 0000000000000001 R14: ffff90774646b600 R15: 0000000000000000\n   FS:  00007f04b96006c0(0000) GS:ffff907dce480000(0000) knlGS:0000000000000000\n   CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n   CR2: 00007f32acbfc000 CR3: 00000001fd4fa005 CR4: 00000000003726f0\n   Call Trace:\n    <TASK>\n    ? __die_body.cold+0x14/0x24\n    ? die+0x2e/0x50\n    ? do_trap+0xca/0x110\n    ? do_error_trap+0x6a/0x90\n    ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n    ? exc_invalid_op+0x50/0x70\n    ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n    ? asm_exc_invalid_op+0x1a/0x20\n    ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n    ? btrfs_get_ordered_extents_for_logging.cold+0x1f/0x42 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n    btrfs_sync_file+0x21a/0x4d0 [btrfs bb26272d49b4cdc847cf3f7faadd459b62caee9a]\n    ? __seccomp_filter+0x31d/0x4f0\n    __x64_sys_fdatasync+0x4f/0x90\n    do_syscall_64+0x82/0x160\n    ? do_futex+0xcb/0x190\n    ? __x64_sys_futex+0x10e/0x1d0\n    ? switch_fpu_return+0x4f/0xd0\n    ? syscall_exit_to_user_mode+0x72/0x220\n    ? do_syscall_64+0x8e/0x160\n    ? syscall_exit_to_user_mod\n---truncated---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46734",
               url: "https://www.suse.com/security/cve/CVE-2024-46734",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230726 for CVE-2024-46734",
               url: "https://bugzilla.suse.com/1230726",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46734",
      },
      {
         cve: "CVE-2024-46735",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46735",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery()\n\nWhen two UBLK_CMD_START_USER_RECOVERY commands are submitted, the\nfirst one sets 'ubq->ubq_daemon' to NULL, and the second one triggers\nWARN in ublk_queue_reinit() and subsequently a NULL pointer dereference\nissue.\n\nFix it by adding the check in ublk_ctrl_start_recovery() and return\nimmediately in case of zero 'ub->nr_queues_ready'.\n\n  BUG: kernel NULL pointer dereference, address: 0000000000000028\n  RIP: 0010:ublk_ctrl_start_recovery.constprop.0+0x82/0x180\n  Call Trace:\n   <TASK>\n   ? __die+0x20/0x70\n   ? page_fault_oops+0x75/0x170\n   ? exc_page_fault+0x64/0x140\n   ? asm_exc_page_fault+0x22/0x30\n   ? ublk_ctrl_start_recovery.constprop.0+0x82/0x180\n   ublk_ctrl_uring_cmd+0x4f7/0x6c0\n   ? pick_next_task_idle+0x26/0x40\n   io_uring_cmd+0x9a/0x1b0\n   io_issue_sqe+0x193/0x3f0\n   io_wq_submit_work+0x9b/0x390\n   io_worker_handle_work+0x165/0x360\n   io_wq_worker+0xcb/0x2f0\n   ? finish_task_switch.isra.0+0x203/0x290\n   ? finish_task_switch.isra.0+0x203/0x290\n   ? __pfx_io_wq_worker+0x10/0x10\n   ret_from_fork+0x2d/0x50\n   ? __pfx_io_wq_worker+0x10/0x10\n   ret_from_fork_asm+0x1a/0x30\n   </TASK>",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46735",
               url: "https://www.suse.com/security/cve/CVE-2024-46735",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230727 for CVE-2024-46735",
               url: "https://bugzilla.suse.com/1230727",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46735",
      },
      {
         cve: "CVE-2024-46737",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46737",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-tcp: fix kernel crash if commands allocation fails\n\nIf the commands allocation fails in nvmet_tcp_alloc_cmds()\nthe kernel crashes in nvmet_tcp_release_queue_work() because of\na NULL pointer dereference.\n\n  nvmet: failed to install queue 0 cntlid 1 ret 6\n  Unable to handle kernel NULL pointer dereference at\n         virtual address 0000000000000008\n\nFix the bug by setting queue->nr_cmds to zero in case\nnvmet_tcp_alloc_cmd() fails.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46737",
               url: "https://www.suse.com/security/cve/CVE-2024-46737",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230730 for CVE-2024-46737",
               url: "https://bugzilla.suse.com/1230730",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46737",
      },
      {
         cve: "CVE-2024-46738",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46738",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix use-after-free when removing resource in vmci_resource_remove()\n\nWhen removing a resource from vmci_resource_table in\nvmci_resource_remove(), the search is performed using the resource\nhandle by comparing context and resource fields.\n\nIt is possible though to create two resources with different types\nbut same handle (same context and resource fields).\n\nWhen trying to remove one of the resources, vmci_resource_remove()\nmay not remove the intended one, but the object will still be freed\nas in the case of the datagram type in vmci_datagram_destroy_handle().\nvmci_resource_table will still hold a pointer to this freed resource\nleading to a use-after-free vulnerability.\n\nBUG: KASAN: use-after-free in vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline]\nBUG: KASAN: use-after-free in vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147\nRead of size 4 at addr ffff88801c16d800 by task syz-executor197/1592\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x82/0xa9 lib/dump_stack.c:106\n print_address_description.constprop.0+0x21/0x366 mm/kasan/report.c:239\n __kasan_report.cold+0x7f/0x132 mm/kasan/report.c:425\n kasan_report+0x38/0x51 mm/kasan/report.c:442\n vmci_handle_is_equal include/linux/vmw_vmci_defs.h:142 [inline]\n vmci_resource_remove+0x3a1/0x410 drivers/misc/vmw_vmci/vmci_resource.c:147\n vmci_qp_broker_detach+0x89a/0x11b9 drivers/misc/vmw_vmci/vmci_queue_pair.c:2182\n ctx_free_ctx+0x473/0xbe1 drivers/misc/vmw_vmci/vmci_context.c:444\n kref_put include/linux/kref.h:65 [inline]\n vmci_ctx_put drivers/misc/vmw_vmci/vmci_context.c:497 [inline]\n vmci_ctx_destroy+0x170/0x1d6 drivers/misc/vmw_vmci/vmci_context.c:195\n vmci_host_close+0x125/0x1ac drivers/misc/vmw_vmci/vmci_host.c:143\n __fput+0x261/0xa34 fs/file_table.c:282\n task_work_run+0xf0/0x194 kernel/task_work.c:164\n tracehook_notify_resume include/linux/tracehook.h:189 [inline]\n exit_to_user_mode_loop+0x184/0x189 kernel/entry/common.c:187\n exit_to_user_mode_prepare+0x11b/0x123 kernel/entry/common.c:220\n __syscall_exit_to_user_mode_work kernel/entry/common.c:302 [inline]\n syscall_exit_to_user_mode+0x18/0x42 kernel/entry/common.c:313\n do_syscall_64+0x41/0x85 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x6e/0x0\n\nThis change ensures the type is also checked when removing\nthe resource from vmci_resource_table in vmci_resource_remove().",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46738",
               url: "https://www.suse.com/security/cve/CVE-2024-46738",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230731 for CVE-2024-46738",
               url: "https://bugzilla.suse.com/1230731",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "important",
            },
         ],
         title: "CVE-2024-46738",
      },
      {
         cve: "CVE-2024-46739",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46739",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind\n\nFor primary VM Bus channels, primary_channel pointer is always NULL. This\npointer is valid only for the secondary channels. Also, rescind callback\nis meant for primary channels only.\n\nFix NULL pointer dereference by retrieving the device_obj from the parent\nfor the primary channel.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46739",
               url: "https://www.suse.com/security/cve/CVE-2024-46739",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230732 for CVE-2024-46739",
               url: "https://bugzilla.suse.com/1230732",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "important",
            },
         ],
         title: "CVE-2024-46739",
      },
      {
         cve: "CVE-2024-46741",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46741",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix double free of 'buf' in error path\n\nsmatch warning:\ndrivers/misc/fastrpc.c:1926 fastrpc_req_mmap() error: double free of 'buf'\n\nIn fastrpc_req_mmap() error path, the fastrpc buffer is freed in\nfastrpc_req_munmap_impl() if unmap is successful.\n\nBut in the end, there is an unconditional call to fastrpc_buf_free().\nSo the above case triggers the double free of fastrpc buf.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46741",
               url: "https://www.suse.com/security/cve/CVE-2024-46741",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230749 for CVE-2024-46741",
               url: "https://bugzilla.suse.com/1230749",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "important",
            },
         ],
         title: "CVE-2024-46741",
      },
      {
         cve: "CVE-2024-46743",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46743",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nof/irq: Prevent device address out-of-bounds read in interrupt map walk\n\nWhen of_irq_parse_raw() is invoked with a device address smaller than\nthe interrupt parent node (from #address-cells property), KASAN detects\nthe following out-of-bounds read when populating the initial match table\n(dyndbg=\"func of_irq_parse_* +p\"):\n\n  OF: of_irq_parse_one: dev=/soc@0/picasso/watchdog, index=0\n  OF:  parent=/soc@0/pci@878000000000/gpio0@17,0, intsize=2\n  OF:  intspec=4\n  OF: of_irq_parse_raw: ipar=/soc@0/pci@878000000000/gpio0@17,0, size=2\n  OF:  -> addrsize=3\n  ==================================================================\n  BUG: KASAN: slab-out-of-bounds in of_irq_parse_raw+0x2b8/0x8d0\n  Read of size 4 at addr ffffff81beca5608 by task bash/764\n\n  CPU: 1 PID: 764 Comm: bash Tainted: G           O       6.1.67-484c613561-nokia_sm_arm64 #1\n  Hardware name: Unknown Unknown Product/Unknown Product, BIOS 2023.01-12.24.03-dirty 01/01/2023\n  Call trace:\n   dump_backtrace+0xdc/0x130\n   show_stack+0x1c/0x30\n   dump_stack_lvl+0x6c/0x84\n   print_report+0x150/0x448\n   kasan_report+0x98/0x140\n   __asan_load4+0x78/0xa0\n   of_irq_parse_raw+0x2b8/0x8d0\n   of_irq_parse_one+0x24c/0x270\n   parse_interrupts+0xc0/0x120\n   of_fwnode_add_links+0x100/0x2d0\n   fw_devlink_parse_fwtree+0x64/0xc0\n   device_add+0xb38/0xc30\n   of_device_add+0x64/0x90\n   of_platform_device_create_pdata+0xd0/0x170\n   of_platform_bus_create+0x244/0x600\n   of_platform_notify+0x1b0/0x254\n   blocking_notifier_call_chain+0x9c/0xd0\n   __of_changeset_entry_notify+0x1b8/0x230\n   __of_changeset_apply_notify+0x54/0xe4\n   of_overlay_fdt_apply+0xc04/0xd94\n   ...\n\n  The buggy address belongs to the object at ffffff81beca5600\n   which belongs to the cache kmalloc-128 of size 128\n  The buggy address is located 8 bytes inside of\n   128-byte region [ffffff81beca5600, ffffff81beca5680)\n\n  The buggy address belongs to the physical page:\n  page:00000000230d3d03 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1beca4\n  head:00000000230d3d03 order:1 compound_mapcount:0 compound_pincount:0\n  flags: 0x8000000000010200(slab|head|zone=2)\n  raw: 8000000000010200 0000000000000000 dead000000000122 ffffff810000c300\n  raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000\n  page dumped because: kasan: bad access detected\n\n  Memory state around the buggy address:\n   ffffff81beca5500: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n   ffffff81beca5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n  >ffffff81beca5600: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n                        ^\n   ffffff81beca5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n   ffffff81beca5700: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc\n  ==================================================================\n  OF:  -> got it !\n\nPrevent the out-of-bounds read by copying the device address into a\nbuffer of sufficient size.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46743",
               url: "https://www.suse.com/security/cve/CVE-2024-46743",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230756 for CVE-2024-46743",
               url: "https://bugzilla.suse.com/1230756",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46743",
      },
      {
         cve: "CVE-2024-46744",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46744",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: sanity check symbolic link size\n\nSyzkiller reports a \"KMSAN: uninit-value in pick_link\" bug.\n\nThis is caused by an uninitialised page, which is ultimately caused\nby a corrupted symbolic link size read from disk.\n\nThe reason why the corrupted symlink size causes an uninitialised\npage is due to the following sequence of events:\n\n1. squashfs_read_inode() is called to read the symbolic\n   link from disk.  This assigns the corrupted value\n   3875536935 to inode->i_size.\n\n2. Later squashfs_symlink_read_folio() is called, which assigns\n   this corrupted value to the length variable, which being a\n   signed int, overflows producing a negative number.\n\n3. The following loop that fills in the page contents checks that\n   the copied bytes is less than length, which being negative means\n   the loop is skipped, producing an uninitialised page.\n\nThis patch adds a sanity check which checks that the symbolic\nlink size is not larger than expected.\n\n--\n\nV2: fix spelling mistake.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46744",
               url: "https://www.suse.com/security/cve/CVE-2024-46744",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230747 for CVE-2024-46744",
               url: "https://bugzilla.suse.com/1230747",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46744",
      },
      {
         cve: "CVE-2024-46745",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46745",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: uinput - reject requests with unreasonable number of slots\n\n\nWhen exercising uinput interface syzkaller may try setting up device\nwith a really large number of slots, which causes memory allocation\nfailure in input_mt_init_slots(). While this allocation failure is\nhandled properly and request is rejected, it results in syzkaller\nreports. Additionally, such request may put undue burden on the\nsystem which will try to free a lot of memory for a bogus request.\n\nFix it by limiting allowed number of slots to 100. This can easily\nbe extended if we see devices that can track more than 100 contacts.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46745",
               url: "https://www.suse.com/security/cve/CVE-2024-46745",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230748 for CVE-2024-46745",
               url: "https://bugzilla.suse.com/1230748",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46745",
      },
      {
         cve: "CVE-2024-46746",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46746",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: free driver_data after destroying hid device\n\nHID driver callbacks aren't called anymore once hid_destroy_device() has\nbeen called. Hence, hid driver_data should be freed only after the\nhid_destroy_device() function returned as driver_data is used in several\ncallbacks.\n\nI observed a crash with kernel 6.10.0 on my T14s Gen 3, after enabling\nKASAN to debug memory allocation, I got this output:\n\n  [   13.050438] ==================================================================\n  [   13.054060] BUG: KASAN: slab-use-after-free in amd_sfh_get_report+0x3ec/0x530 [amd_sfh]\n  [   13.054809] psmouse serio1: trackpoint: Synaptics TrackPoint firmware: 0x02, buttons: 3/3\n  [   13.056432] Read of size 8 at addr ffff88813152f408 by task (udev-worker)/479\n\n  [   13.060970] CPU: 5 PID: 479 Comm: (udev-worker) Not tainted 6.10.0-arch1-2 #1 893bb55d7f0073f25c46adbb49eb3785fefd74b0\n  [   13.063978] Hardware name: LENOVO 21CQCTO1WW/21CQCTO1WW, BIOS R22ET70W (1.40 ) 03/21/2024\n  [   13.067860] Call Trace:\n  [   13.069383] input: TPPS/2 Synaptics TrackPoint as /devices/platform/i8042/serio1/input/input8\n  [   13.071486]  <TASK>\n  [   13.071492]  dump_stack_lvl+0x5d/0x80\n  [   13.074870] snd_hda_intel 0000:33:00.6: enabling device (0000 -> 0002)\n  [   13.078296]  ? amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n  [   13.082199]  print_report+0x174/0x505\n  [   13.085776]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n  [   13.089367]  ? srso_alias_return_thunk+0x5/0xfbef5\n  [   13.093255]  ? amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n  [   13.097464]  kasan_report+0xc8/0x150\n  [   13.101461]  ? amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n  [   13.105802]  amd_sfh_get_report+0x3ec/0x530 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n  [   13.110303]  amdtp_hid_request+0xb8/0x110 [amd_sfh 05f43221435b5205f734cd9da29399130f398a38]\n  [   13.114879]  ? srso_alias_return_thunk+0x5/0xfbef5\n  [   13.119450]  sensor_hub_get_feature+0x1d3/0x540 [hid_sensor_hub 3f13be3016ff415bea03008d45d99da837ee3082]\n  [   13.124097]  hid_sensor_parse_common_attributes+0x4d0/0xad0 [hid_sensor_iio_common c3a5cbe93969c28b122609768bbe23efe52eb8f5]\n  [   13.127404]  ? srso_alias_return_thunk+0x5/0xfbef5\n  [   13.131925]  ? __pfx_hid_sensor_parse_common_attributes+0x10/0x10 [hid_sensor_iio_common c3a5cbe93969c28b122609768bbe23efe52eb8f5]\n  [   13.136455]  ? _raw_spin_lock_irqsave+0x96/0xf0\n  [   13.140197]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n  [   13.143602]  ? devm_iio_device_alloc+0x34/0x50 [industrialio 3d261d5e5765625d2b052be40e526d62b1d2123b]\n  [   13.147234]  ? srso_alias_return_thunk+0x5/0xfbef5\n  [   13.150446]  ? __devm_add_action+0x167/0x1d0\n  [   13.155061]  hid_gyro_3d_probe+0x120/0x7f0 [hid_sensor_gyro_3d 63da36a143b775846ab2dbb86c343b401b5e3172]\n  [   13.158581]  ? srso_alias_return_thunk+0x5/0xfbef5\n  [   13.161814]  platform_probe+0xa2/0x150\n  [   13.165029]  really_probe+0x1e3/0x8a0\n  [   13.168243]  __driver_probe_device+0x18c/0x370\n  [   13.171500]  driver_probe_device+0x4a/0x120\n  [   13.175000]  __driver_attach+0x190/0x4a0\n  [   13.178521]  ? __pfx___driver_attach+0x10/0x10\n  [   13.181771]  bus_for_each_dev+0x106/0x180\n  [   13.185033]  ? __pfx__raw_spin_lock+0x10/0x10\n  [   13.188229]  ? __pfx_bus_for_each_dev+0x10/0x10\n  [   13.191446]  ? srso_alias_return_thunk+0x5/0xfbef5\n  [   13.194382]  bus_add_driver+0x29e/0x4d0\n  [   13.197328]  driver_register+0x1a5/0x360\n  [   13.200283]  ? __pfx_hid_gyro_3d_platform_driver_init+0x10/0x10 [hid_sensor_gyro_3d 63da36a143b775846ab2dbb86c343b401b5e3172]\n  [   13.203362]  do_one_initcall+0xa7/0x380\n  [   13.206432]  ? __pfx_do_one_initcall+0x10/0x10\n  [   13.210175]  ? srso_alias_return_thunk+0x5/0xfbef5\n  [   13.213211]  ? kasan_unpoison+0x44/0x70\n  [   13.216688]  do_init_module+0x238/0x750\n  [   13.2196\n---truncated---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46746",
               url: "https://www.suse.com/security/cve/CVE-2024-46746",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230751 for CVE-2024-46746",
               url: "https://bugzilla.suse.com/1230751",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46746",
      },
      {
         cve: "CVE-2024-46747",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46747",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup\n\nreport_fixup for the Cougar 500k Gaming Keyboard was not verifying\nthat the report descriptor size was correct before accessing it",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46747",
               url: "https://www.suse.com/security/cve/CVE-2024-46747",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230752 for CVE-2024-46747",
               url: "https://bugzilla.suse.com/1230752",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46747",
      },
      {
         cve: "CVE-2024-46749",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46749",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()\n\nThis adds a check before freeing the rx->skb in flush and close\nfunctions to handle the kernel crash seen while removing driver after FW\ndownload fails or before FW download completes.\n\ndmesg log:\n[   54.634586] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000080\n[   54.643398] Mem abort info:\n[   54.646204]   ESR = 0x0000000096000004\n[   54.649964]   EC = 0x25: DABT (current EL), IL = 32 bits\n[   54.655286]   SET = 0, FnV = 0\n[   54.658348]   EA = 0, S1PTW = 0\n[   54.661498]   FSC = 0x04: level 0 translation fault\n[   54.666391] Data abort info:\n[   54.669273]   ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[   54.674768]   CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[   54.674771]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[   54.674775] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000048860000\n[   54.674780] [0000000000000080] pgd=0000000000000000, p4d=0000000000000000\n[   54.703880] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[   54.710152] Modules linked in: btnxpuart(-) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce polyval_generic snd_soc_imx_spdif snd_soc_imx_card snd_soc_ak5558 snd_soc_ak4458 caam secvio error snd_soc_fsl_micfil snd_soc_fsl_spdif snd_soc_fsl_sai snd_soc_fsl_utils imx_pcm_dma gpio_ir_recv rc_core sch_fq_codel fuse\n[   54.744357] CPU: 3 PID: 72 Comm: kworker/u9:0 Not tainted 6.6.3-otbr-g128004619037 #2\n[   54.744364] Hardware name: FSL i.MX8MM EVK board (DT)\n[   54.744368] Workqueue: hci0 hci_power_on\n[   54.757244] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[   54.757249] pc : kfree_skb_reason+0x18/0xb0\n[   54.772299] lr : btnxpuart_flush+0x40/0x58 [btnxpuart]\n[   54.782921] sp : ffff8000805ebca0\n[   54.782923] x29: ffff8000805ebca0 x28: ffffa5c6cf1869c0 x27: ffffa5c6cf186000\n[   54.782931] x26: ffff377b84852400 x25: ffff377b848523c0 x24: ffff377b845e7230\n[   54.782938] x23: ffffa5c6ce8dbe08 x22: ffffa5c6ceb65410 x21: 00000000ffffff92\n[   54.782945] x20: ffffa5c6ce8dbe98 x19: ffffffffffffffac x18: ffffffffffffffff\n[   54.807651] x17: 0000000000000000 x16: ffffa5c6ce2824ec x15: ffff8001005eb857\n[   54.821917] x14: 0000000000000000 x13: ffffa5c6cf1a02e0 x12: 0000000000000642\n[   54.821924] x11: 0000000000000040 x10: ffffa5c6cf19d690 x9 : ffffa5c6cf19d688\n[   54.821931] x8 : ffff377b86000028 x7 : 0000000000000000 x6 : 0000000000000000\n[   54.821938] x5 : ffff377b86000000 x4 : 0000000000000000 x3 : 0000000000000000\n[   54.843331] x2 : 0000000000000000 x1 : 0000000000000002 x0 : ffffffffffffffac\n[   54.857599] Call trace:\n[   54.857601]  kfree_skb_reason+0x18/0xb0\n[   54.863878]  btnxpuart_flush+0x40/0x58 [btnxpuart]\n[   54.863888]  hci_dev_open_sync+0x3a8/0xa04\n[   54.872773]  hci_power_on+0x54/0x2e4\n[   54.881832]  process_one_work+0x138/0x260\n[   54.881842]  worker_thread+0x32c/0x438\n[   54.881847]  kthread+0x118/0x11c\n[   54.881853]  ret_from_fork+0x10/0x20\n[   54.896406] Code: a9be7bfd 910003fd f9000bf3 aa0003f3 (b940d400)\n[   54.896410] ---[ end trace 0000000000000000 ]---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46749",
               url: "https://www.suse.com/security/cve/CVE-2024-46749",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230780 for CVE-2024-46749",
               url: "https://bugzilla.suse.com/1230780",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46749",
      },
      {
         cve: "CVE-2024-46750",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46750",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Add missing bridge lock to pci_bus_lock()\n\nOne of the true positives that the cfg_access_lock lockdep effort\nidentified is this sequence:\n\n  WARNING: CPU: 14 PID: 1 at drivers/pci/pci.c:4886 pci_bridge_secondary_bus_reset+0x5d/0x70\n  RIP: 0010:pci_bridge_secondary_bus_reset+0x5d/0x70\n  Call Trace:\n   <TASK>\n   ? __warn+0x8c/0x190\n   ? pci_bridge_secondary_bus_reset+0x5d/0x70\n   ? report_bug+0x1f8/0x200\n   ? handle_bug+0x3c/0x70\n   ? exc_invalid_op+0x18/0x70\n   ? asm_exc_invalid_op+0x1a/0x20\n   ? pci_bridge_secondary_bus_reset+0x5d/0x70\n   pci_reset_bus+0x1d8/0x270\n   vmd_probe+0x778/0xa10\n   pci_device_probe+0x95/0x120\n\nWhere pci_reset_bus() users are triggering unlocked secondary bus resets.\nIronically pci_bus_reset(), several calls down from pci_reset_bus(), uses\npci_bus_lock() before issuing the reset which locks everything *but* the\nbridge itself.\n\nFor the same motivation as adding:\n\n  bridge = pci_upstream_bridge(dev);\n  if (bridge)\n    pci_dev_lock(bridge);\n\nto pci_reset_function() for the \"bus\" and \"cxl_bus\" reset cases, add\npci_dev_lock() for @bus->self to pci_bus_lock().\n\n[bhelgaas: squash in recursive locking deadlock fix from Keith Busch:\nhttps://lore.kernel.org/r/20240711193650.701834-1-kbusch@meta.com]",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46750",
               url: "https://www.suse.com/security/cve/CVE-2024-46750",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230783 for CVE-2024-46750",
               url: "https://bugzilla.suse.com/1230783",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46750",
      },
      {
         cve: "CVE-2024-46751",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46751",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info()\n\nInstead of doing a BUG_ON() handle the error by returning -EUCLEAN,\naborting the transaction and logging an error message.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46751",
               url: "https://www.suse.com/security/cve/CVE-2024-46751",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230786 for CVE-2024-46751",
               url: "https://bugzilla.suse.com/1230786",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46751",
      },
      {
         cve: "CVE-2024-46752",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46752",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: replace BUG_ON() with error handling at update_ref_for_cow()\n\nInstead of a BUG_ON() just return an error, log an error message and\nabort the transaction in case we find an extent buffer belonging to the\nrelocation tree that doesn't have the full backref flag set. This is\nunexpected and should never happen (save for bugs or a potential bad\nmemory).",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46752",
               url: "https://www.suse.com/security/cve/CVE-2024-46752",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230794 for CVE-2024-46752",
               url: "https://bugzilla.suse.com/1230794",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46752",
      },
      {
         cve: "CVE-2024-46753",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46753",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: handle errors from btrfs_dec_ref() properly\n\nIn walk_up_proc() we BUG_ON(ret) from btrfs_dec_ref().  This is\nincorrect, we have proper error handling here, return the error.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46753",
               url: "https://www.suse.com/security/cve/CVE-2024-46753",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230796 for CVE-2024-46753",
               url: "https://bugzilla.suse.com/1230796",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46753",
      },
      {
         cve: "CVE-2024-46755",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46755",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()\n\nmwifiex_get_priv_by_id() returns the priv pointer corresponding to\nthe bss_num and bss_type, but without checking if the priv is actually\ncurrently in use.\nUnused priv pointers do not have a wiphy attached to them which can\nlead to NULL pointer dereferences further down the callstack.  Fix\nthis by returning only used priv pointers which have priv->bss_mode\nset to something else than NL80211_IFTYPE_UNSPECIFIED.\n\nSaid NULL pointer dereference happened when an Accesspoint was started\nwith wpa_supplicant -i mlan0 with this config:\n\nnetwork={\n        ssid=\"somessid\"\n        mode=2\n        frequency=2412\n        key_mgmt=WPA-PSK WPA-PSK-SHA256\n        proto=RSN\n        group=CCMP\n        pairwise=CCMP\n        psk=\"12345678\"\n}\n\nWhen waiting for the AP to be established, interrupting wpa_supplicant\nwith <ctrl-c> and starting it again this happens:\n\n| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000140\n| Mem abort info:\n|   ESR = 0x0000000096000004\n|   EC = 0x25: DABT (current EL), IL = 32 bits\n|   SET = 0, FnV = 0\n|   EA = 0, S1PTW = 0\n|   FSC = 0x04: level 0 translation fault\n| Data abort info:\n|   ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n|   CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n|   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n| user pgtable: 4k pages, 48-bit VAs, pgdp=0000000046d96000\n| [0000000000000140] pgd=0000000000000000, p4d=0000000000000000\n| Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n| Modules linked in: caam_jr caamhash_desc spidev caamalg_desc crypto_engine authenc libdes mwifiex_sdio\n+mwifiex crct10dif_ce cdc_acm onboard_usb_hub fsl_imx8_ddr_perf imx8m_ddrc rtc_ds1307 lm75 rtc_snvs\n+imx_sdma caam imx8mm_thermal spi_imx error imx_cpufreq_dt fuse ip_tables x_tables ipv6\n| CPU: 0 PID: 8 Comm: kworker/0:1 Not tainted 6.9.0-00007-g937242013fce-dirty #18\n| Hardware name: somemachine (DT)\n| Workqueue: events sdio_irq_work\n| pstate: 00000005 (nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : mwifiex_get_cfp+0xd8/0x15c [mwifiex]\n| lr : mwifiex_get_cfp+0x34/0x15c [mwifiex]\n| sp : ffff8000818b3a70\n| x29: ffff8000818b3a70 x28: ffff000006bfd8a5 x27: 0000000000000004\n| x26: 000000000000002c x25: 0000000000001511 x24: 0000000002e86bc9\n| x23: ffff000006bfd996 x22: 0000000000000004 x21: ffff000007bec000\n| x20: 000000000000002c x19: 0000000000000000 x18: 0000000000000000\n| x17: 000000040044ffff x16: 00500072b5503510 x15: ccc283740681e517\n| x14: 0201000101006d15 x13: 0000000002e8ff43 x12: 002c01000000ffb1\n| x11: 0100000000000000 x10: 02e8ff43002c0100 x9 : 0000ffb100100157\n| x8 : ffff000003d20000 x7 : 00000000000002f1 x6 : 00000000ffffe124\n| x5 : 0000000000000001 x4 : 0000000000000003 x3 : 0000000000000000\n| x2 : 0000000000000000 x1 : 0001000000011001 x0 : 0000000000000000\n| Call trace:\n|  mwifiex_get_cfp+0xd8/0x15c [mwifiex]\n|  mwifiex_parse_single_response_buf+0x1d0/0x504 [mwifiex]\n|  mwifiex_handle_event_ext_scan_report+0x19c/0x2f8 [mwifiex]\n|  mwifiex_process_sta_event+0x298/0xf0c [mwifiex]\n|  mwifiex_process_event+0x110/0x238 [mwifiex]\n|  mwifiex_main_process+0x428/0xa44 [mwifiex]\n|  mwifiex_sdio_interrupt+0x64/0x12c [mwifiex_sdio]\n|  process_sdio_pending_irqs+0x64/0x1b8\n|  sdio_irq_work+0x4c/0x7c\n|  process_one_work+0x148/0x2a0\n|  worker_thread+0x2fc/0x40c\n|  kthread+0x110/0x114\n|  ret_from_fork+0x10/0x20\n| Code: a94153f3 a8c37bfd d50323bf d65f03c0 (f940a000)\n| ---[ end trace 0000000000000000 ]---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46755",
               url: "https://www.suse.com/security/cve/CVE-2024-46755",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230802 for CVE-2024-46755",
               url: "https://bugzilla.suse.com/1230802",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46755",
      },
      {
         cve: "CVE-2024-46756",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46756",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46756",
               url: "https://www.suse.com/security/cve/CVE-2024-46756",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230806 for CVE-2024-46756",
               url: "https://bugzilla.suse.com/1230806",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 0,
                  baseSeverity: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-46756",
      },
      {
         cve: "CVE-2024-46757",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46757",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46757",
               url: "https://www.suse.com/security/cve/CVE-2024-46757",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230809 for CVE-2024-46757",
               url: "https://bugzilla.suse.com/1230809",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 0,
                  baseSeverity: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-46757",
      },
      {
         cve: "CVE-2024-46758",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46758",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46758",
               url: "https://www.suse.com/security/cve/CVE-2024-46758",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230812 for CVE-2024-46758",
               url: "https://bugzilla.suse.com/1230812",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 0,
                  baseSeverity: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-46758",
      },
      {
         cve: "CVE-2024-46759",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46759",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (adc128d818) Fix underflows seen when writing limit attributes\n\nDIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large\nnegative number such as -9223372036854775808 is provided by the user.\nFix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46759",
               url: "https://www.suse.com/security/cve/CVE-2024-46759",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230814 for CVE-2024-46759",
               url: "https://bugzilla.suse.com/1230814",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 2.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-46759",
      },
      {
         cve: "CVE-2024-46760",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46760",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: usb: schedule rx work after everything is set up\n\nRight now it's possible to hit NULL pointer dereference in\nrtw_rx_fill_rx_status on hw object and/or its fields because\ninitialization routine can start getting USB replies before\nrtw_dev is fully setup.\n\nThe stack trace looks like this:\n\nrtw_rx_fill_rx_status\nrtw8821c_query_rx_desc\nrtw_usb_rx_handler\n...\nqueue_work\nrtw_usb_read_port_complete\n...\nusb_submit_urb\nrtw_usb_rx_resubmit\nrtw_usb_init_rx\nrtw_usb_probe\n\nSo while we do the async stuff rtw_usb_probe continues and calls\nrtw_register_hw, which does all kinds of initialization (e.g.\nvia ieee80211_register_hw) that rtw_rx_fill_rx_status relies on.\n\nFix this by moving the first usb_submit_urb after everything\nis set up.\n\nFor me, this bug manifested as:\n[    8.893177] rtw_8821cu 1-1:1.2: band wrong, packet dropped\n[    8.910904] rtw_8821cu 1-1:1.2: hw->conf.chandef.chan NULL in rtw_rx_fill_rx_status\nbecause I'm using Larry's backport of rtw88 driver with the NULL\nchecks in rtw_rx_fill_rx_status.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46760",
               url: "https://www.suse.com/security/cve/CVE-2024-46760",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230753 for CVE-2024-46760",
               url: "https://bugzilla.suse.com/1230753",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46760",
      },
      {
         cve: "CVE-2024-46761",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46761",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\npci/hotplug/pnv_php: Fix hotplug driver crash on Powernv\n\nThe hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel\ncrash when we try to hot-unplug/disable the PCIe switch/bridge from\nthe PHB.\n\nThe crash occurs because although the MSI data structure has been\nreleased during disable/hot-unplug path and it has been assigned\nwith NULL, still during unregistration the code was again trying to\nexplicitly disable the MSI which causes the NULL pointer dereference and\nkernel crash.\n\nThe patch fixes the check during unregistration path to prevent invoking\npci_disable_msi/msix() since its data structure is already freed.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46761",
               url: "https://www.suse.com/security/cve/CVE-2024-46761",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230761 for CVE-2024-46761",
               url: "https://bugzilla.suse.com/1230761",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46761",
      },
      {
         cve: "CVE-2024-46767",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46767",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: Fix missing of_node_put() for leds\n\nThe call of of_get_child_by_name() will cause refcount incremented\nfor leds, if it succeeds, it should call of_node_put() to decrease\nit, fix it.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46767",
               url: "https://www.suse.com/security/cve/CVE-2024-46767",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230787 for CVE-2024-46767",
               url: "https://bugzilla.suse.com/1230787",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46767",
      },
      {
         cve: "CVE-2024-46771",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46771",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Remove proc entry when dev is unregistered.\n\nsyzkaller reported a warning in bcm_connect() below. [0]\n\nThe repro calls connect() to vxcan1, removes vxcan1, and calls\nconnect() with ifindex == 0.\n\nCalling connect() for a BCM socket allocates a proc entry.\nThen, bcm_sk(sk)->bound is set to 1 to prevent further connect().\n\nHowever, removing the bound device resets bcm_sk(sk)->bound to 0\nin bcm_notify().\n\nThe 2nd connect() tries to allocate a proc entry with the same\nname and sets NULL to bcm_sk(sk)->bcm_proc_read, leaking the\noriginal proc entry.\n\nSince the proc entry is available only for connect()ed sockets,\nlet's clean up the entry when the bound netdev is unregistered.\n\n[0]:\nproc_dir_entry 'can-bcm/2456' already registered\nWARNING: CPU: 1 PID: 394 at fs/proc/generic.c:376 proc_register+0x645/0x8f0 fs/proc/generic.c:375\nModules linked in:\nCPU: 1 PID: 394 Comm: syz-executor403 Not tainted 6.10.0-rc7-g852e42cc2dd4\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:proc_register+0x645/0x8f0 fs/proc/generic.c:375\nCode: 00 00 00 00 00 48 85 ed 0f 85 97 02 00 00 4d 85 f6 0f 85 9f 02 00 00 48 c7 c7 9b cb cf 87 48 89 de 4c 89 fa e8 1c 6f eb fe 90 <0f> 0b 90 90 48 c7 c7 98 37 99 89 e8 cb 7e 22 05 bb 00 00 00 10 48\nRSP: 0018:ffa0000000cd7c30 EFLAGS: 00010246\nRAX: 9e129be1950f0200 RBX: ff1100011b51582c RCX: ff1100011857cd80\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002\nRBP: 0000000000000000 R08: ffd400000000000f R09: ff1100013e78cac0\nR10: ffac800000cd7980 R11: ff1100013e12b1f0 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ff1100011a99a2ec\nFS:  00007fbd7086f740(0000) GS:ff1100013fd00000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200071c0 CR3: 0000000118556004 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n <TASK>\n proc_create_net_single+0x144/0x210 fs/proc/proc_net.c:220\n bcm_connect+0x472/0x840 net/can/bcm.c:1673\n __sys_connect_file net/socket.c:2049 [inline]\n __sys_connect+0x5d2/0x690 net/socket.c:2066\n __do_sys_connect net/socket.c:2076 [inline]\n __se_sys_connect net/socket.c:2073 [inline]\n __x64_sys_connect+0x8f/0x100 net/socket.c:2073\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1c0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7fbd708b0e5d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48\nRSP: 002b:00007fff8cd33f08 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbd708b0e5d\nRDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000040\nR10: 0000000000000040 R11: 0000000000000246 R12: 00007fff8cd34098\nR13: 0000000000401280 R14: 0000000000406de8 R15: 00007fbd70ab9000\n </TASK>\nremove_proc_entry: removing non-empty directory 'net/can-bcm', leaking at least '2456'",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46771",
               url: "https://www.suse.com/security/cve/CVE-2024-46771",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230766 for CVE-2024-46771",
               url: "https://bugzilla.suse.com/1230766",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46771",
      },
      {
         cve: "CVE-2024-46772",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46772",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check denominator crb_pipes before used\n\n[WHAT & HOW]\nA denominator cannot be 0, and is checked before used.\n\nThis fixes 2 DIVIDE_BY_ZERO issues reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46772",
               url: "https://www.suse.com/security/cve/CVE-2024-46772",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230772 for CVE-2024-46772",
               url: "https://bugzilla.suse.com/1230772",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46772",
      },
      {
         cve: "CVE-2024-46773",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46773",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check denominator pbn_div before used\n\n[WHAT & HOW]\nA denominator cannot be 0, and is checked before used.\n\nThis fixes 1 DIVIDE_BY_ZERO issue reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46773",
               url: "https://www.suse.com/security/cve/CVE-2024-46773",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230791 for CVE-2024-46773",
               url: "https://bugzilla.suse.com/1230791",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46773",
      },
      {
         cve: "CVE-2024-46774",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46774",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()\n\nSmatch warns:\n\n  arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential\n  spectre issue 'args.args' [r] (local cap)\n\nThe 'nargs' and 'nret' locals come directly from a user-supplied\nbuffer and are used as indexes into a small stack-based array and as\ninputs to copy_to_user() after they are subject to bounds checks.\n\nUse array_index_nospec() after the bounds checks to clamp these values\nfor speculative execution.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46774",
               url: "https://www.suse.com/security/cve/CVE-2024-46774",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230767 for CVE-2024-46774",
               url: "https://bugzilla.suse.com/1230767",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46774",
      },
      {
         cve: "CVE-2024-46776",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46776",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Run DC_LOG_DC after checking link->link_enc\n\n[WHAT]\nThe DC_LOG_DC should be run after link->link_enc is checked, not before.\n\nThis fixes 1 REVERSE_INULL issue reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46776",
               url: "https://www.suse.com/security/cve/CVE-2024-46776",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230775 for CVE-2024-46776",
               url: "https://bugzilla.suse.com/1230775",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46776",
      },
      {
         cve: "CVE-2024-46778",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46778",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check UnboundedRequestEnabled's value\n\nCalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled\nis a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus\nif (p->UnboundedRequestEnabled) checks its address, not bool value.\n\nThis fixes 1 REVERSE_INULL issue reported by Coverity.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46778",
               url: "https://www.suse.com/security/cve/CVE-2024-46778",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230776 for CVE-2024-46778",
               url: "https://bugzilla.suse.com/1230776",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46778",
      },
      {
         cve: "CVE-2024-46780",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46780",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: protect references to superblock parameters exposed in sysfs\n\nThe superblock buffers of nilfs2 can not only be overwritten at runtime\nfor modifications/repairs, but they are also regularly swapped, replaced\nduring resizing, and even abandoned when degrading to one side due to\nbacking device issues.  So, accessing them requires mutual exclusion using\nthe reader/writer semaphore \"nilfs->ns_sem\".\n\nSome sysfs attribute show methods read this superblock buffer without the\nnecessary mutual exclusion, which can cause problems with pointer\ndereferencing and memory access, so fix it.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46780",
               url: "https://www.suse.com/security/cve/CVE-2024-46780",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230808 for CVE-2024-46780",
               url: "https://bugzilla.suse.com/1230808",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46780",
      },
      {
         cve: "CVE-2024-46781",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46781",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix missing cleanup on rollforward recovery error\n\nIn an error injection test of a routine for mount-time recovery, KASAN\nfound a use-after-free bug.\n\nIt turned out that if data recovery was performed using partial logs\ncreated by dsync writes, but an error occurred before starting the log\nwriter to create a recovered checkpoint, the inodes whose data had been\nrecovered were left in the ns_dirty_files list of the nilfs object and\nwere not freed.\n\nFix this issue by cleaning up inodes that have read the recovery data if\nthe recovery routine fails midway before the log writer starts.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46781",
               url: "https://www.suse.com/security/cve/CVE-2024-46781",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230768 for CVE-2024-46781",
               url: "https://bugzilla.suse.com/1230768",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46781",
      },
      {
         cve: "CVE-2024-46783",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46783",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: fix return value of tcp_bpf_sendmsg()\n\nWhen we cork messages in psock->cork, the last message triggers the\nflushing will result in sending a sk_msg larger than the current\nmessage size. In this case, in tcp_bpf_send_verdict(), 'copied' becomes\nnegative at least in the following case:\n\n468         case __SK_DROP:\n469         default:\n470                 sk_msg_free_partial(sk, msg, tosend);\n471                 sk_msg_apply_bytes(psock, tosend);\n472                 *copied -= (tosend + delta); // <==== HERE\n473                 return -EACCES;\n\nTherefore, it could lead to the following BUG with a proper value of\n'copied' (thanks to syzbot). We should not use negative 'copied' as a\nreturn value here.\n\n  ------------[ cut here ]------------\n  kernel BUG at net/socket.c:733!\n  Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n  Modules linked in:\n  CPU: 0 UID: 0 PID: 3265 Comm: syz-executor510 Not tainted 6.11.0-rc3-syzkaller-00060-gd07b43284ab3 #0\n  Hardware name: linux,dummy-virt (DT)\n  pstate: 61400009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n  pc : sock_sendmsg_nosec net/socket.c:733 [inline]\n  pc : sock_sendmsg_nosec net/socket.c:728 [inline]\n  pc : __sock_sendmsg+0x5c/0x60 net/socket.c:745\n  lr : sock_sendmsg_nosec net/socket.c:730 [inline]\n  lr : __sock_sendmsg+0x54/0x60 net/socket.c:745\n  sp : ffff800088ea3b30\n  x29: ffff800088ea3b30 x28: fbf00000062bc900 x27: 0000000000000000\n  x26: ffff800088ea3bc0 x25: ffff800088ea3bc0 x24: 0000000000000000\n  x23: f9f00000048dc000 x22: 0000000000000000 x21: ffff800088ea3d90\n  x20: f9f00000048dc000 x19: ffff800088ea3d90 x18: 0000000000000001\n  x17: 0000000000000000 x16: 0000000000000000 x15: 000000002002ffaf\n  x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n  x11: 0000000000000000 x10: ffff8000815849c0 x9 : ffff8000815b49c0\n  x8 : 0000000000000000 x7 : 000000000000003f x6 : 0000000000000000\n  x5 : 00000000000007e0 x4 : fff07ffffd239000 x3 : fbf00000062bc900\n  x2 : 0000000000000000 x1 : 0000000000000000 x0 : 00000000fffffdef\n  Call trace:\n   sock_sendmsg_nosec net/socket.c:733 [inline]\n   __sock_sendmsg+0x5c/0x60 net/socket.c:745\n   ____sys_sendmsg+0x274/0x2ac net/socket.c:2597\n   ___sys_sendmsg+0xac/0x100 net/socket.c:2651\n   __sys_sendmsg+0x84/0xe0 net/socket.c:2680\n   __do_sys_sendmsg net/socket.c:2689 [inline]\n   __se_sys_sendmsg net/socket.c:2687 [inline]\n   __arm64_sys_sendmsg+0x24/0x30 net/socket.c:2687\n   __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n   invoke_syscall+0x48/0x110 arch/arm64/kernel/syscall.c:49\n   el0_svc_common.constprop.0+0x40/0xe0 arch/arm64/kernel/syscall.c:132\n   do_el0_svc+0x1c/0x28 arch/arm64/kernel/syscall.c:151\n   el0_svc+0x34/0xec arch/arm64/kernel/entry-common.c:712\n   el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:730\n   el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598\n  Code: f9404463 d63f0060 3108441f 54fffe81 (d4210000)\n  ---[ end trace 0000000000000000 ]---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46783",
               url: "https://www.suse.com/security/cve/CVE-2024-46783",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230810 for CVE-2024-46783",
               url: "https://bugzilla.suse.com/1230810",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46783",
      },
      {
         cve: "CVE-2024-46784",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46784",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup\n\nCurrently napi_disable() gets called during rxq and txq cleanup,\neven before napi is enabled and hrtimer is initialized. It causes\nkernel panic.\n\n? page_fault_oops+0x136/0x2b0\n  ? page_counter_cancel+0x2e/0x80\n  ? do_user_addr_fault+0x2f2/0x640\n  ? refill_obj_stock+0xc4/0x110\n  ? exc_page_fault+0x71/0x160\n  ? asm_exc_page_fault+0x27/0x30\n  ? __mmdrop+0x10/0x180\n  ? __mmdrop+0xec/0x180\n  ? hrtimer_active+0xd/0x50\n  hrtimer_try_to_cancel+0x2c/0xf0\n  hrtimer_cancel+0x15/0x30\n  napi_disable+0x65/0x90\n  mana_destroy_rxq+0x4c/0x2f0\n  mana_create_rxq.isra.0+0x56c/0x6d0\n  ? mana_uncfg_vport+0x50/0x50\n  mana_alloc_queues+0x21b/0x320\n  ? skb_dequeue+0x5f/0x80",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46784",
               url: "https://www.suse.com/security/cve/CVE-2024-46784",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230771 for CVE-2024-46784",
               url: "https://bugzilla.suse.com/1230771",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46784",
      },
      {
         cve: "CVE-2024-46786",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46786",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nfscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF\n\nThe fscache_cookie_lru_timer is initialized when the fscache module\nis inserted, but is not deleted when the fscache module is removed.\nIf timer_reduce() is called before removing the fscache module,\nthe fscache_cookie_lru_timer will be added to the timer list of\nthe current cpu. Afterwards, a use-after-free will be triggered\nin the softIRQ after removing the fscache module, as follows:\n\n==================================================================\nBUG: unable to handle page fault for address: fffffbfff803c9e9\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 21ffea067 P4D 21ffea067 PUD 21ffe6067 PMD 110a7c067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.11.0-rc3 #855\nTainted: [W]=WARN\nRIP: 0010:__run_timer_base.part.0+0x254/0x8a0\nCall Trace:\n <IRQ>\n tmigr_handle_remote_up+0x627/0x810\n __walk_groups.isra.0+0x47/0x140\n tmigr_handle_remote+0x1fa/0x2f0\n handle_softirqs+0x180/0x590\n irq_exit_rcu+0x84/0xb0\n sysvec_apic_timer_interrupt+0x6e/0x90\n </IRQ>\n <TASK>\n asm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:default_idle+0xf/0x20\n default_idle_call+0x38/0x60\n do_idle+0x2b5/0x300\n cpu_startup_entry+0x54/0x60\n start_secondary+0x20d/0x280\n common_startup_64+0x13e/0x148\n </TASK>\nModules linked in: [last unloaded: netfs]\n==================================================================\n\nTherefore delete fscache_cookie_lru_timer when removing the fscahe module.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46786",
               url: "https://www.suse.com/security/cve/CVE-2024-46786",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230813 for CVE-2024-46786",
               url: "https://bugzilla.suse.com/1230813",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46786",
      },
      {
         cve: "CVE-2024-46787",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46787",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nuserfaultfd: fix checks for huge PMDs\n\nPatch series \"userfaultfd: fix races around pmd_trans_huge() check\", v2.\n\nThe pmd_trans_huge() code in mfill_atomic() is wrong in three different\nways depending on kernel version:\n\n1. The pmd_trans_huge() check is racy and can lead to a BUG_ON() (if you hit\n   the right two race windows) - I've tested this in a kernel build with\n   some extra mdelay() calls. See the commit message for a description\n   of the race scenario.\n   On older kernels (before 6.5), I think the same bug can even\n   theoretically lead to accessing transhuge page contents as a page table\n   if you hit the right 5 narrow race windows (I haven't tested this case).\n2. As pointed out by Qi Zheng, pmd_trans_huge() is not sufficient for\n   detecting PMDs that don't point to page tables.\n   On older kernels (before 6.5), you'd just have to win a single fairly\n   wide race to hit this.\n   I've tested this on 6.1 stable by racing migration (with a mdelay()\n   patched into try_to_migrate()) against UFFDIO_ZEROPAGE - on my x86\n   VM, that causes a kernel oops in ptlock_ptr().\n3. On newer kernels (>=6.5), for shmem mappings, khugepaged is allowed\n   to yank page tables out from under us (though I haven't tested that),\n   so I think the BUG_ON() checks in mfill_atomic() are just wrong.\n\nI decided to write two separate fixes for these (one fix for bugs 1+2, one\nfix for bug 3), so that the first fix can be backported to kernels\naffected by bugs 1+2.\n\n\nThis patch (of 2):\n\nThis fixes two issues.\n\nI discovered that the following race can occur:\n\n  mfill_atomic                other thread\n  ============                ============\n                              <zap PMD>\n  pmdp_get_lockless() [reads none pmd]\n  <bail if trans_huge>\n  <if none:>\n                              <pagefault creates transhuge zeropage>\n    __pte_alloc [no-op]\n                              <zap PMD>\n  <bail if pmd_trans_huge(*dst_pmd)>\n  BUG_ON(pmd_none(*dst_pmd))\n\nI have experimentally verified this in a kernel with extra mdelay() calls;\nthe BUG_ON(pmd_none(*dst_pmd)) triggers.\n\nOn kernels newer than commit 0d940a9b270b (\"mm/pgtable: allow\npte_offset_map[_lock]() to fail\"), this can't lead to anything worse than\na BUG_ON(), since the page table access helpers are actually designed to\ndeal with page tables concurrently disappearing; but on older kernels\n(<=6.4), I think we could probably theoretically race past the two\nBUG_ON() checks and end up treating a hugepage as a page table.\n\nThe second issue is that, as Qi Zheng pointed out, there are other types\nof huge PMDs that pmd_trans_huge() can't catch: devmap PMDs and swap PMDs\n(in particular, migration PMDs).\n\nOn <=6.4, this is worse than the first issue: If mfill_atomic() runs on a\nPMD that contains a migration entry (which just requires winning a single,\nfairly wide race), it will pass the PMD to pte_offset_map_lock(), which\nassumes that the PMD points to a page table.\n\nBreakage follows: First, the kernel tries to take the PTE lock (which will\ncrash or maybe worse if there is no \"struct page\" for the address bits in\nthe migration entry PMD - I think at least on X86 there usually is no\ncorresponding \"struct page\" thanks to the PTE inversion mitigation, amd64\nlooks different).\n\nIf that didn't crash, the kernel would next try to write a PTE into what\nit wrongly thinks is a page table.\n\nAs part of fixing these issues, get rid of the check for pmd_trans_huge()\nbefore __pte_alloc() - that's redundant, we're going to have to check for\nthat after the __pte_alloc() anyway.\n\nBackport note: pmdp_get_lockless() is pmd_read_atomic() in older kernels.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46787",
               url: "https://www.suse.com/security/cve/CVE-2024-46787",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230815 for CVE-2024-46787",
               url: "https://bugzilla.suse.com/1230815",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46787",
      },
      {
         cve: "CVE-2024-46791",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46791",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open\n\nThe mcp251x_hw_wake() function is called with the mpc_lock mutex held and\ndisables the interrupt handler so that no interrupts can be processed while\nwaking the device. If an interrupt has already occurred then waiting for\nthe interrupt handler to complete will deadlock because it will be trying\nto acquire the same mutex.\n\nCPU0                           CPU1\n----                           ----\nmcp251x_open()\n mutex_lock(&priv->mcp_lock)\n  request_threaded_irq()\n                               <interrupt>\n                               mcp251x_can_ist()\n                                mutex_lock(&priv->mcp_lock)\n  mcp251x_hw_wake()\n   disable_irq() <-- deadlock\n\nUse disable_irq_nosync() instead because the interrupt handler does\neverything while holding the mutex so it doesn't matter if it's still\nrunning.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46791",
               url: "https://www.suse.com/security/cve/CVE-2024-46791",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230821 for CVE-2024-46791",
               url: "https://bugzilla.suse.com/1230821",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46791",
      },
      {
         cve: "CVE-2024-46794",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46794",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Fix data leak in mmio_read()\n\nThe mmio_read() function makes a TDVMCALL to retrieve MMIO data for an\naddress from the VMM.\n\nSean noticed that mmio_read() unintentionally exposes the value of an\ninitialized variable (val) on the stack to the VMM.\n\nThis variable is only needed as an output value. It did not need to be\npassed to the VMM in the first place.\n\nDo not send the original value of *val to the VMM.\n\n[ dhansen: clarify what 'val' is used for. ]",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46794",
               url: "https://www.suse.com/security/cve/CVE-2024-46794",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230825 for CVE-2024-46794",
               url: "https://bugzilla.suse.com/1230825",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "low",
            },
         ],
         title: "CVE-2024-46794",
      },
      {
         cve: "CVE-2024-46797",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46797",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/qspinlock: Fix deadlock in MCS queue\n\nIf an interrupt occurs in queued_spin_lock_slowpath() after we increment\nqnodesp->count and before node->lock is initialized, another CPU might\nsee stale lock values in get_tail_qnode(). If the stale lock value happens\nto match the lock on that CPU, then we write to the \"next\" pointer of\nthe wrong qnode. This causes a deadlock as the former CPU, once it becomes\nthe head of the MCS queue, will spin indefinitely until it's \"next\" pointer\nis set by its successor in the queue.\n\nRunning stress-ng on a 16 core (16EC/16VP) shared LPAR, results in\noccasional lockups similar to the following:\n\n   $ stress-ng --all 128 --vm-bytes 80% --aggressive \\\n               --maximize --oomable --verify  --syslog \\\n               --metrics  --times  --timeout 5m\n\n   watchdog: CPU 15 Hard LOCKUP\n   ......\n   NIP [c0000000000b78f4] queued_spin_lock_slowpath+0x1184/0x1490\n   LR [c000000001037c5c] _raw_spin_lock+0x6c/0x90\n   Call Trace:\n    0xc000002cfffa3bf0 (unreliable)\n    _raw_spin_lock+0x6c/0x90\n    raw_spin_rq_lock_nested.part.135+0x4c/0xd0\n    sched_ttwu_pending+0x60/0x1f0\n    __flush_smp_call_function_queue+0x1dc/0x670\n    smp_ipi_demux_relaxed+0xa4/0x100\n    xive_muxed_ipi_action+0x20/0x40\n    __handle_irq_event_percpu+0x80/0x240\n    handle_irq_event_percpu+0x2c/0x80\n    handle_percpu_irq+0x84/0xd0\n    generic_handle_irq+0x54/0x80\n    __do_irq+0xac/0x210\n    __do_IRQ+0x74/0xd0\n    0x0\n    do_IRQ+0x8c/0x170\n    hardware_interrupt_common_virt+0x29c/0x2a0\n   --- interrupt: 500 at queued_spin_lock_slowpath+0x4b8/0x1490\n   ......\n   NIP [c0000000000b6c28] queued_spin_lock_slowpath+0x4b8/0x1490\n   LR [c000000001037c5c] _raw_spin_lock+0x6c/0x90\n   --- interrupt: 500\n    0xc0000029c1a41d00 (unreliable)\n    _raw_spin_lock+0x6c/0x90\n    futex_wake+0x100/0x260\n    do_futex+0x21c/0x2a0\n    sys_futex+0x98/0x270\n    system_call_exception+0x14c/0x2f0\n    system_call_vectored_common+0x15c/0x2ec\n\nThe following code flow illustrates how the deadlock occurs.\nFor the sake of brevity, assume that both locks (A and B) are\ncontended and we call the queued_spin_lock_slowpath() function.\n\n        CPU0                                   CPU1\n        ----                                   ----\n  spin_lock_irqsave(A)                          |\n  spin_unlock_irqrestore(A)                     |\n    spin_lock(B)                                |\n         |                                      |\n         â–Ľ                                      |\n   id = qnodesp->count++;                       |\n  (Note that nodes[0].lock == A)                |\n         |                                      |\n         â–Ľ                                      |\n      Interrupt                                 |\n  (happens before \"nodes[0].lock = B\")          |\n         |                                      |\n         â–Ľ                                      |\n  spin_lock_irqsave(A)                          |\n         |                                      |\n         â–Ľ                                      |\n   id = qnodesp->count++                        |\n   nodes[1].lock = A                            |\n         |                                      |\n         â–Ľ                                      |\n  Tail of MCS queue                             |\n         |                             spin_lock_irqsave(A)\n         â–Ľ                                      |\n  Head of MCS queue                             â–Ľ\n         |                             CPU0 is previous tail\n         â–Ľ                                      |\n   Spin indefinitely                            â–Ľ\n  (until \"nodes[1].next != NULL\")      prev = get_tail_qnode(A, CPU0)\n                                                |\n                                                â–Ľ\n                                       prev == &qnodes[CPU0].nodes[0]\n                                     (as qnodes\n---truncated---",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46797",
               url: "https://www.suse.com/security/cve/CVE-2024-46797",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230831 for CVE-2024-46797",
               url: "https://bugzilla.suse.com/1230831",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46797",
      },
      {
         cve: "CVE-2024-46798",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46798",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: dapm: Fix UAF for snd_soc_pcm_runtime object\n\nWhen using kernel with the following extra config,\n\n  - CONFIG_KASAN=y\n  - CONFIG_KASAN_GENERIC=y\n  - CONFIG_KASAN_INLINE=y\n  - CONFIG_KASAN_VMALLOC=y\n  - CONFIG_FRAME_WARN=4096\n\nkernel detects that snd_pcm_suspend_all() access a freed\n'snd_soc_pcm_runtime' object when the system is suspended, which\nleads to a use-after-free bug:\n\n[   52.047746] BUG: KASAN: use-after-free in snd_pcm_suspend_all+0x1a8/0x270\n[   52.047765] Read of size 1 at addr ffff0000b9434d50 by task systemd-sleep/2330\n\n[   52.047785] Call trace:\n[   52.047787]  dump_backtrace+0x0/0x3c0\n[   52.047794]  show_stack+0x34/0x50\n[   52.047797]  dump_stack_lvl+0x68/0x8c\n[   52.047802]  print_address_description.constprop.0+0x74/0x2c0\n[   52.047809]  kasan_report+0x210/0x230\n[   52.047815]  __asan_report_load1_noabort+0x3c/0x50\n[   52.047820]  snd_pcm_suspend_all+0x1a8/0x270\n[   52.047824]  snd_soc_suspend+0x19c/0x4e0\n\nThe snd_pcm_sync_stop() has a NULL check on 'substream->runtime' before\nmaking any access. So we need to always set 'substream->runtime' to NULL\neverytime we kfree() it.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46798",
               url: "https://www.suse.com/security/cve/CVE-2024-46798",
            },
            {
               category: "external",
               summary: "SUSE Bug 1230830 for CVE-2024-46798",
               url: "https://bugzilla.suse.com/1230830",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46798",
      },
      {
         cve: "CVE-2024-46822",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2024-46822",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry\n\nIn a review discussion of the changes to support vCPU hotplug where\na check was added on the GICC being enabled if was online, it was\nnoted that there is need to map back to the cpu and use that to index\ninto a cpumask. As such, a valid ID is needed.\n\nIf an MPIDR check fails in acpi_map_gic_cpu_interface() it is possible\nfor the entry in cpu_madt_gicc[cpu] == NULL.  This function would\nthen cause a NULL pointer dereference.   Whilst a path to trigger\nthis has not been established, harden this caller against the\npossibility.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2024-46822",
               url: "https://www.suse.com/security/cve/CVE-2024-46822",
            },
            {
               category: "external",
               summary: "SUSE Bug 1231120 for CVE-2024-46822",
               url: "https://bugzilla.suse.com/1231120",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.6.coco15sp6.1.noarch",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
                  "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.6.coco15sp6.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2024-10-08T15:10:23Z",
               details: "moderate",
            },
         ],
         title: "CVE-2024-46822",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.