Vulnerability from csaf_suse
Published
2025-03-05 13:04
Modified
2025-03-05 13:04
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26708: mptcp: fastopen and PM-trigger subflow shutdown can race (bsc#1222672).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50185: mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
The following non-security bugs were fixed:
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- KVM: SVM: Propagate error from snp_guest_req_init() to userspace (jsc#PED-348).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (jsc#PED-6143).
- KVM: x86/mmu: Skip the 'try unsync' path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- Pickup RXE code change introduced by upstream.
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Revert 'blk-throttle: Fix IO hang for a corner case' (git-fixes).
- Revert 'drm/amd/display: Use HW lock mgr for PSR1' (stable-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- doc: update managed_irq documentation (bsc#1236897).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- hfs: Sanity check the root record (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kvm: svm: Fix gctx page leak on invalid inputs (jsc#PED-348).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (bsc#1235933 bsc#1235932).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools: fix annoying 'mkdir -p ...' logs when building tools in parallel (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- x86/xen: Grab mm lock before grabbing pt lock (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
Patchnames
SUSE-2025-784,SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-784
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-26708: mptcp: fastopen and PM-trigger subflow shutdown can race (bsc#1222672).\n- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).\n- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).\n- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).\n- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).\n- CVE-2024-50185: mptcp: handle consistently DSS corruption (bsc#1233109).\n- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).\n- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).\n- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).\n- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).\n- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).\n- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).\n- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).\n- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).\n- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).\n- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).\n- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).\n- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).\n- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n\nThe following non-security bugs were fixed:\n\n- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).\n- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).\n- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).\n- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).\n- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).\n- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).\n- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).\n- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).\n- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).\n- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).\n- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).\n- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).\n- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).\n- HID: Wacom: Add PCI Wacom device support (stable-fixes).\n- HID: hid-steam: Add Deck IMU support (stable-fixes).\n- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).\n- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).\n- HID: hid-steam: Clean up locking (stable-fixes).\n- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).\n- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).\n- HID: hid-steam: Fix cleanup in probe() (git-fixes).\n- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).\n- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).\n- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).\n- HID: hid-steam: remove pointless error message (stable-fixes).\n- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).\n- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).\n- Input: allocate keycode for phone linking (stable-fixes).\n- KVM: SVM: Propagate error from snp_guest_req_init() to userspace (jsc#PED-348).\n- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).\n- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).\n- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).\n- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).\n- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).\n- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).\n- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).\n- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)\n- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).\n- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).\n- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).\n- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).\n- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (jsc#PED-6143).\n- KVM: x86/mmu: Skip the 'try unsync' path iff the old SPTE was a leaf SPTE (git-fixes).\n- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).\n- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).\n- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).\n- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).\n- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).\n- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).\n- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).\n- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).\n- PCI: Use downstream bridges for distributing resources (bsc#1237325).\n- PCI: hookup irq_get_affinity callback (bsc#1236896).\n- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).\n- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).\n- Pickup RXE code change introduced by upstream.\n- RDMA/efa: Reset device on probe failure (git-fixes)\n- RDMA/rxe: Improve newline in printing messages (git-fixes)\n- Revert 'blk-throttle: Fix IO hang for a corner case' (git-fixes).\n- Revert 'drm/amd/display: Use HW lock mgr for PSR1' (stable-fixes).\n- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).\n- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).\n- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).\n- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).\n- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).\n- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).\n- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).\n- USB: serial: option: drop MeiG Smart defines (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).\n- Use gcc-13 for build on SLE16 (jsc#PED-10028).\n- acct: block access to kernel internal filesystems (git-fixes).\n- acct: perform last write from workqueue (git-fixes).\n- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)\n- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)\n- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)\n- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).\n- batman-adv: Drop unmanaged ELP metric worker (git-fixes).\n- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).\n- batman-adv: fix panic during interface removal (git-fixes).\n- bio-integrity: do not restrict the size of integrity metadata (git-fixes).\n- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).\n- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).\n- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).\n- blk-mq: add number of queue calc helper (bsc#1236897).\n- blk-mq: create correct map for fallback case (bsc#1236896).\n- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).\n- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).\n- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).\n- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).\n- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).\n- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).\n- blk_iocost: remove some duplicate irq disable/enables (git-fixes).\n- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).\n- block: Clear zone limits for a non-zoned stacked queue (git-fixes).\n- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).\n- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).\n- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).\n- block: Provide bdev_open_* functions (git-fixes).\n- block: Remove special-casing of compound pages (git-fixes).\n- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).\n- block: add a disk_has_partscan helper (git-fixes).\n- block: add a partscan sysfs attribute for disks (git-fixes).\n- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).\n- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).\n- block: change rq_integrity_vec to respect the iterator (git-fixes).\n- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).\n- block: ensure we hold a queue reference when using queue limits (git-fixes).\n- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).\n- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).\n- block: fix integer overflow in BLKSECDISCARD (git-fixes).\n- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).\n- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).\n- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).\n- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).\n- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).\n- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).\n- block: retry call probe after request_module in blk_request_module (git-fixes).\n- block: return unsigned int from bdev_io_min (git-fixes).\n- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).\n- block: support to account io_ticks precisely (git-fixes).\n- block: use the right type for stub rq_integrity_vec() (git-fixes).\n- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).\n- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).\n- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).\n- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).\n- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).\n- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).\n- can: ctucanfd: handle skb allocation failure (git-fixes).\n- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).\n- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).\n- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).\n- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).\n- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).\n- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).\n- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).\n- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).\n- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).\n- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).\n- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).\n- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).\n- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).\n- cxgb4: Avoid removal of uninserted tid (git-fixes).\n- cxgb4: use port number to set mac addr (git-fixes).\n- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).\n- dlm: fix srcu_read_lock() return type to int (git-fixes).\n- doc: update managed_irq documentation (bsc#1236897).\n- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).\n- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).\n- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).\n- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).\n- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).\n- drm/amdkfd: only flush the validate MES contex (stable-fixes).\n- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).\n- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).\n- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).\n- drm/i915/selftests: avoid using uninitialized context (git-fixes).\n- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).\n- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).\n- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).\n- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).\n- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).\n- drm/msm: Avoid rounding up to one jiffy (git-fixes).\n- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).\n- drm/virtio: New fence for every plane update (stable-fixes).\n- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).\n- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).\n- eth: gve: use appropriate helper to set xdp_features (git-fixes).\n- exfat: convert to ctime accessor functions (git-fixes).\n- exfat: fix file being changed by unaligned direct write (git-fixes).\n- exfat: fix zero the unwritten part for dio read (git-fixes).\n- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).\n- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).\n- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).\n- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).\n- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).\n- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).\n- hfs: Sanity check the root record (git-fixes).\n- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).\n- iavf: allow changing VLAN state without calling PF (git-fixes).\n- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).\n- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).\n- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).\n- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).\n- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).\n- ice: fix max values for dpll pin phase adjust (git-fixes).\n- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).\n- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).\n- ice: put Rx buffers after being done with current frame (git-fixes).\n- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).\n- ice: use internal pf id instead of function number (git-fixes).\n- idpf: add read memory barrier when checking descriptor done bit (git-fixes).\n- idpf: call set_real_num_queues in idpf_open (bsc#1236661).\n- idpf: convert workqueues to unbound (git-fixes).\n- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).\n- idpf: fix handling rsc packet with a single segment (git-fixes).\n- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).\n- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).\n- igc: return early when failing to read EECD register (git-fixes).\n- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).\n- kabi: fix bus type (bsc#1236896).\n- kabi: fix group_cpus_evenly (bsc#1236897).\n- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).\n- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).\n- kvm: svm: Fix gctx page leak on invalid inputs (jsc#PED-348).\n- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).\n- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).\n- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).\n- lib: stackinit: hide never-taken branch from compiler (stable-fixes).\n- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).\n- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).\n- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).\n- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).\n- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).\n- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).\n- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).\n- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).\n- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).\n- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).\n- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).\n- mptcp: export local_address (git-fixes)\n- mptcp: fix NL PM announced address accounting (git-fixes)\n- mptcp: fix data races on local_id (git-fixes)\n- mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)\n- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)\n- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)\n- mptcp: pm: deny endp with signal + subflow + port (git-fixes)\n- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)\n- mptcp: pm: do not try to create sf if alloc failed (git-fixes)\n- mptcp: pm: fullmesh: select the right ID later (git-fixes)\n- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)\n- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)\n- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)\n- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)\n- mptcp: pm: re-using ID of unused removed subflows (git-fixes)\n- mptcp: pm: reduce indentation blocks (git-fixes)\n- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)\n- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)\n- mptcp: unify pm get_local_id interfaces (git-fixes)\n- mptcp: unify pm set_flags interfaces (git-fixes)\n- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).\n- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).\n- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).\n- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).\n- nbd: Fix signal handling (git-fixes).\n- nbd: Improve the documentation of the locking assumptions (git-fixes).\n- nbd: do not allow reconnect after disconnect (git-fixes).\n- net/mlx5: Correct TASR typo into TSAR (git-fixes).\n- net/mlx5: Fix RDMA TX steering prio (git-fixes).\n- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).\n- net/mlx5: SF, Fix add port error handling (git-fixes).\n- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).\n- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).\n- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).\n- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).\n- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).\n- net: rose: lock the socket in rose_bind() (git-fixes).\n- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).\n- net: smc: fix spurious error message from __sock_release() (bsc#1237126).\n- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).\n- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).\n- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).\n- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).\n- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).\n- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).\n- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).\n- null_blk: fix validation of block size (git-fixes).\n- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).\n- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).\n- padata: Clean up in padata_do_multithreaded() (bsc#1237563).\n- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).\n- partitions: ldm: remove the initial kernel-doc notation (git-fixes).\n- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).\n- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).\n- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).\n- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).\n- platform/x86: ISST: Ignore minor version change (bsc#1237452).\n- platform/x86: acer-wmi: Ignore AC events (stable-fixes).\n- platform/x86: int3472: Check for adev == NULL (stable-fixes).\n- power: supply: da9150-fg: fix potential overflow (git-fixes).\n- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).\n- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).\n- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).\n- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).\n- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (bsc#1235933 bsc#1235932).\n- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967).\n- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).\n- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).\n- rbd: do not move requests to the running list on errors (git-fixes).\n- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).\n- regmap-irq: Add missing kfree() (git-fixes).\n- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).\n- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).\n- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).\n- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).\n- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).\n- s390/pci: Ignore RID for isolated VFs (bsc#1236752).\n- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).\n- s390/pci: Use topology ID for multi-function devices (bsc#1236752).\n- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).\n- s390/topology: Improve topology detection (bsc#1236591).\n- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).\n- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).\n- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).\n- scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- selftest: hugetlb_dio: fix test naming (git-fixes).\n- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).\n- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).\n- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).\n- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).\n- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).\n- selftests: mptcp: connect: -f: no reconnect (git-fixes).\n- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).\n- serial: 8250: Fix fifo underflow on flush (git-fixes).\n- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).\n- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).\n- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).\n- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).\n- spi: sn-f-ospi: Fix division by zero (git-fixes).\n- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).\n- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).\n- tools: fix annoying 'mkdir -p ...' logs when building tools in parallel (git-fixes).\n- ublk: fix error code for unsupported command (git-fixes).\n- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).\n- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).\n- ublk: move zone report data out of request pdu (git-fixes).\n- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).\n- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).\n- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).\n- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).\n- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).\n- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).\n- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).\n- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).\n- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).\n- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).\n- usb: roles: set switch registered flag early on (git-fixes).\n- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).\n- usbnet: ipheth: document scope of NCM implementation (stable-fixes).\n- util_macros.h: fix/rework find_closest() macros (git-fixes).\n- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).\n- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- virtio: hookup irq_get_affinity callback (bsc#1236896).\n- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).\n- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).\n- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).\n- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).\n- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).\n- wifi: iwlwifi: avoid memory leak (stable-fixes).\n- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).\n- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).\n- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).\n- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).\n- x86/asm: Make serialize() always_inline (git-fixes).\n- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).\n- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).\n- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).\n- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).\n- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).\n- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).\n- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).\n- x86/xen: Grab mm lock before grabbing pt lock (git-fixes).\n- xen/swiotlb: relax alignment requirements (git-fixes).\n- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-784,SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-784", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0784-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:0784-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250784-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:0784-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020484.html", }, { category: "self", summary: "SUSE Bug 1012628", url: "https://bugzilla.suse.com/1012628", }, { category: "self", summary: "SUSE Bug 1215199", url: "https://bugzilla.suse.com/1215199", }, { category: "self", summary: "SUSE Bug 1219367", url: "https://bugzilla.suse.com/1219367", }, { category: "self", summary: "SUSE Bug 1222672", url: "https://bugzilla.suse.com/1222672", }, { category: "self", summary: "SUSE Bug 1222803", url: "https://bugzilla.suse.com/1222803", }, { category: "self", summary: "SUSE Bug 1225742", url: "https://bugzilla.suse.com/1225742", }, { category: "self", summary: "SUSE Bug 1225981", url: "https://bugzilla.suse.com/1225981", }, { category: "self", summary: "SUSE Bug 1228521", url: "https://bugzilla.suse.com/1228521", }, { category: "self", summary: "SUSE Bug 1230235", url: "https://bugzilla.suse.com/1230235", }, { category: "self", summary: "SUSE Bug 1230438", url: "https://bugzilla.suse.com/1230438", }, { category: "self", summary: "SUSE Bug 1230439", url: "https://bugzilla.suse.com/1230439", }, { category: "self", summary: "SUSE Bug 1231920", url: "https://bugzilla.suse.com/1231920", }, { category: "self", summary: "SUSE Bug 1232159", url: "https://bugzilla.suse.com/1232159", }, { category: "self", summary: "SUSE Bug 1232198", url: "https://bugzilla.suse.com/1232198", }, { category: "self", summary: "SUSE Bug 1232201", url: "https://bugzilla.suse.com/1232201", }, { category: "self", summary: "SUSE Bug 1232508", url: "https://bugzilla.suse.com/1232508", }, { category: "self", summary: "SUSE Bug 1232520", url: "https://bugzilla.suse.com/1232520", }, { category: "self", summary: "SUSE Bug 1232919", url: "https://bugzilla.suse.com/1232919", }, { category: "self", summary: "SUSE Bug 1233109", url: "https://bugzilla.suse.com/1233109", }, { category: "self", summary: "SUSE Bug 1234853", url: "https://bugzilla.suse.com/1234853", }, { category: "self", summary: "SUSE Bug 1234857", url: "https://bugzilla.suse.com/1234857", }, { category: "self", summary: "SUSE Bug 1234891", url: "https://bugzilla.suse.com/1234891", }, { category: "self", summary: "SUSE Bug 1234963", url: "https://bugzilla.suse.com/1234963", }, { category: "self", summary: "SUSE Bug 1235032", url: "https://bugzilla.suse.com/1235032", }, { category: "self", summary: "SUSE Bug 1235054", url: "https://bugzilla.suse.com/1235054", }, { category: "self", summary: "SUSE Bug 1235061", url: "https://bugzilla.suse.com/1235061", }, { category: "self", summary: "SUSE Bug 1235073", url: "https://bugzilla.suse.com/1235073", }, { category: "self", summary: "SUSE Bug 1235435", url: "https://bugzilla.suse.com/1235435", }, { category: "self", summary: "SUSE Bug 1235592", url: "https://bugzilla.suse.com/1235592", }, { category: "self", summary: "SUSE Bug 1235609", url: "https://bugzilla.suse.com/1235609", }, { category: "self", summary: "SUSE Bug 1235932", url: "https://bugzilla.suse.com/1235932", }, { category: "self", summary: "SUSE Bug 1235933", url: "https://bugzilla.suse.com/1235933", }, { category: "self", summary: "SUSE Bug 1236113", url: "https://bugzilla.suse.com/1236113", }, { category: "self", summary: "SUSE Bug 1236114", url: "https://bugzilla.suse.com/1236114", }, { category: "self", summary: "SUSE Bug 1236115", url: "https://bugzilla.suse.com/1236115", }, { category: "self", summary: "SUSE Bug 1236122", url: "https://bugzilla.suse.com/1236122", }, { category: "self", summary: "SUSE Bug 1236123", url: "https://bugzilla.suse.com/1236123", }, { category: "self", summary: "SUSE Bug 1236133", url: "https://bugzilla.suse.com/1236133", }, { category: "self", summary: "SUSE Bug 1236138", url: "https://bugzilla.suse.com/1236138", }, { category: "self", summary: "SUSE Bug 1236199", url: "https://bugzilla.suse.com/1236199", }, { category: "self", summary: "SUSE Bug 1236200", url: "https://bugzilla.suse.com/1236200", }, { category: "self", summary: "SUSE Bug 1236203", url: "https://bugzilla.suse.com/1236203", }, { category: "self", summary: "SUSE Bug 1236205", url: "https://bugzilla.suse.com/1236205", }, { category: "self", summary: "SUSE Bug 1236573", url: "https://bugzilla.suse.com/1236573", }, { category: "self", summary: "SUSE Bug 1236575", url: "https://bugzilla.suse.com/1236575", }, { category: "self", summary: "SUSE Bug 1236576", url: "https://bugzilla.suse.com/1236576", }, { category: "self", summary: "SUSE Bug 1236591", url: "https://bugzilla.suse.com/1236591", }, { category: "self", summary: "SUSE Bug 1236661", url: "https://bugzilla.suse.com/1236661", }, { category: "self", summary: "SUSE Bug 1236677", url: "https://bugzilla.suse.com/1236677", }, { category: "self", summary: "SUSE Bug 1236700", url: "https://bugzilla.suse.com/1236700", }, { category: "self", summary: "SUSE Bug 1236752", url: "https://bugzilla.suse.com/1236752", }, { category: "self", summary: "SUSE Bug 1236821", url: "https://bugzilla.suse.com/1236821", }, { category: "self", summary: "SUSE Bug 1236822", url: "https://bugzilla.suse.com/1236822", }, { category: "self", summary: "SUSE Bug 1236896", url: "https://bugzilla.suse.com/1236896", }, { category: "self", summary: "SUSE Bug 1236897", url: "https://bugzilla.suse.com/1236897", }, { category: "self", summary: "SUSE Bug 1236952", url: "https://bugzilla.suse.com/1236952", }, { category: "self", summary: "SUSE Bug 1236967", url: "https://bugzilla.suse.com/1236967", }, { category: "self", summary: "SUSE Bug 1236994", url: "https://bugzilla.suse.com/1236994", }, { category: "self", summary: "SUSE Bug 1237007", url: "https://bugzilla.suse.com/1237007", }, { category: "self", summary: "SUSE Bug 1237017", url: "https://bugzilla.suse.com/1237017", }, { category: "self", summary: "SUSE Bug 1237025", url: "https://bugzilla.suse.com/1237025", }, { category: "self", summary: "SUSE Bug 1237028", url: "https://bugzilla.suse.com/1237028", }, { category: "self", summary: "SUSE Bug 1237045", url: "https://bugzilla.suse.com/1237045", }, { category: "self", summary: "SUSE Bug 1237126", url: "https://bugzilla.suse.com/1237126", }, { category: "self", summary: "SUSE Bug 1237132", url: "https://bugzilla.suse.com/1237132", }, { category: "self", summary: "SUSE Bug 1237139", url: "https://bugzilla.suse.com/1237139", }, { category: "self", summary: "SUSE Bug 1237155", url: "https://bugzilla.suse.com/1237155", }, { category: "self", summary: "SUSE Bug 1237158", url: "https://bugzilla.suse.com/1237158", }, { category: "self", summary: "SUSE Bug 1237159", url: "https://bugzilla.suse.com/1237159", }, { category: "self", summary: "SUSE Bug 1237232", url: "https://bugzilla.suse.com/1237232", }, { category: "self", summary: "SUSE Bug 1237234", url: "https://bugzilla.suse.com/1237234", }, { category: "self", summary: "SUSE Bug 1237325", url: "https://bugzilla.suse.com/1237325", }, { category: "self", summary: "SUSE Bug 1237415", url: "https://bugzilla.suse.com/1237415", }, { category: "self", summary: "SUSE Bug 1237452", url: "https://bugzilla.suse.com/1237452", }, { category: "self", summary: "SUSE Bug 1237558", url: "https://bugzilla.suse.com/1237558", }, { category: "self", summary: "SUSE Bug 1237562", url: "https://bugzilla.suse.com/1237562", }, { category: "self", summary: "SUSE Bug 1237563", url: "https://bugzilla.suse.com/1237563", }, { category: "self", summary: "SUSE CVE CVE-2023-52924 page", url: "https://www.suse.com/security/cve/CVE-2023-52924/", }, { category: "self", summary: "SUSE CVE CVE-2023-52925 page", url: "https://www.suse.com/security/cve/CVE-2023-52925/", }, { category: "self", summary: "SUSE CVE CVE-2024-26708 page", url: "https://www.suse.com/security/cve/CVE-2024-26708/", }, { category: "self", summary: "SUSE CVE CVE-2024-26810 page", url: "https://www.suse.com/security/cve/CVE-2024-26810/", }, { category: "self", summary: "SUSE CVE CVE-2024-41055 page", url: "https://www.suse.com/security/cve/CVE-2024-41055/", }, { category: "self", summary: "SUSE CVE CVE-2024-44974 page", url: "https://www.suse.com/security/cve/CVE-2024-44974/", }, { category: "self", summary: "SUSE CVE CVE-2024-45009 page", url: "https://www.suse.com/security/cve/CVE-2024-45009/", }, { category: "self", summary: "SUSE CVE CVE-2024-45010 page", url: "https://www.suse.com/security/cve/CVE-2024-45010/", }, { category: "self", summary: "SUSE CVE CVE-2024-47701 page", url: "https://www.suse.com/security/cve/CVE-2024-47701/", }, { category: "self", summary: "SUSE CVE CVE-2024-49884 page", url: "https://www.suse.com/security/cve/CVE-2024-49884/", }, { category: "self", summary: "SUSE CVE CVE-2024-49950 page", url: "https://www.suse.com/security/cve/CVE-2024-49950/", }, { category: "self", summary: "SUSE CVE CVE-2024-50073 page", url: "https://www.suse.com/security/cve/CVE-2024-50073/", }, { category: "self", summary: "SUSE CVE CVE-2024-50085 page", url: "https://www.suse.com/security/cve/CVE-2024-50085/", }, { category: "self", summary: "SUSE CVE CVE-2024-50115 page", url: "https://www.suse.com/security/cve/CVE-2024-50115/", }, { category: "self", summary: "SUSE CVE CVE-2024-50185 page", url: "https://www.suse.com/security/cve/CVE-2024-50185/", }, { category: "self", summary: "SUSE CVE CVE-2024-53147 page", url: "https://www.suse.com/security/cve/CVE-2024-53147/", }, { category: "self", summary: "SUSE CVE CVE-2024-53173 page", url: "https://www.suse.com/security/cve/CVE-2024-53173/", }, { category: "self", summary: "SUSE CVE CVE-2024-53226 page", url: "https://www.suse.com/security/cve/CVE-2024-53226/", }, { category: "self", summary: "SUSE CVE CVE-2024-53239 page", url: "https://www.suse.com/security/cve/CVE-2024-53239/", }, { category: "self", summary: "SUSE CVE CVE-2024-56539 page", url: "https://www.suse.com/security/cve/CVE-2024-56539/", }, { category: "self", summary: "SUSE CVE CVE-2024-56548 page", url: "https://www.suse.com/security/cve/CVE-2024-56548/", }, { category: "self", summary: "SUSE CVE CVE-2024-56568 page", url: "https://www.suse.com/security/cve/CVE-2024-56568/", }, { category: "self", summary: "SUSE CVE CVE-2024-56579 page", url: "https://www.suse.com/security/cve/CVE-2024-56579/", }, { category: "self", summary: "SUSE CVE CVE-2024-56605 page", url: "https://www.suse.com/security/cve/CVE-2024-56605/", }, { category: "self", summary: "SUSE CVE CVE-2024-56647 page", url: "https://www.suse.com/security/cve/CVE-2024-56647/", }, { category: "self", summary: "SUSE CVE CVE-2024-56720 page", url: "https://www.suse.com/security/cve/CVE-2024-56720/", }, { category: "self", summary: "SUSE CVE CVE-2024-57889 page", url: "https://www.suse.com/security/cve/CVE-2024-57889/", }, { category: "self", summary: "SUSE CVE CVE-2024-57948 page", url: "https://www.suse.com/security/cve/CVE-2024-57948/", }, { category: "self", summary: "SUSE CVE CVE-2025-21636 page", url: "https://www.suse.com/security/cve/CVE-2025-21636/", }, { category: "self", summary: "SUSE CVE CVE-2025-21637 page", url: "https://www.suse.com/security/cve/CVE-2025-21637/", }, { category: "self", summary: "SUSE CVE CVE-2025-21638 page", url: "https://www.suse.com/security/cve/CVE-2025-21638/", }, { category: "self", summary: "SUSE CVE CVE-2025-21639 page", url: "https://www.suse.com/security/cve/CVE-2025-21639/", }, { category: "self", summary: "SUSE CVE CVE-2025-21640 page", url: "https://www.suse.com/security/cve/CVE-2025-21640/", }, { category: "self", summary: "SUSE CVE CVE-2025-21647 page", url: "https://www.suse.com/security/cve/CVE-2025-21647/", }, { category: "self", summary: "SUSE CVE CVE-2025-21680 page", url: "https://www.suse.com/security/cve/CVE-2025-21680/", }, { category: "self", summary: "SUSE CVE CVE-2025-21684 page", url: "https://www.suse.com/security/cve/CVE-2025-21684/", }, { category: "self", summary: "SUSE CVE CVE-2025-21687 page", url: "https://www.suse.com/security/cve/CVE-2025-21687/", }, { category: "self", summary: "SUSE CVE CVE-2025-21688 page", url: "https://www.suse.com/security/cve/CVE-2025-21688/", }, { category: "self", summary: "SUSE CVE CVE-2025-21689 page", url: "https://www.suse.com/security/cve/CVE-2025-21689/", }, { category: "self", summary: "SUSE CVE CVE-2025-21690 page", url: "https://www.suse.com/security/cve/CVE-2025-21690/", }, { category: "self", summary: "SUSE CVE CVE-2025-21692 page", url: "https://www.suse.com/security/cve/CVE-2025-21692/", }, { category: "self", summary: "SUSE CVE CVE-2025-21697 page", url: "https://www.suse.com/security/cve/CVE-2025-21697/", }, { category: "self", summary: "SUSE CVE CVE-2025-21699 page", url: "https://www.suse.com/security/cve/CVE-2025-21699/", }, { category: "self", summary: "SUSE CVE CVE-2025-21700 page", url: "https://www.suse.com/security/cve/CVE-2025-21700/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2025-03-05T13:04:51Z", generator: { date: "2025-03-05T13:04:51Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:0784-1", initial_release_date: "2025-03-05T13:04:51Z", revision_history: [ { date: "2025-03-05T13:04:51Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", product: { name: "kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", product_id: "kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", }, }, { category: "product_version", name: "kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", product: { name: "kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", product_id: "kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "cluster-md-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "cluster-md-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "dlm-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "dlm-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "gfs2-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "gfs2-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco-extra-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco-extra-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco-extra-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco-livepatch-devel-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco-livepatch-devel-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco-livepatch-devel-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco-optional-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco-optional-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco-optional-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco-vdso-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco-vdso-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco-vdso-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-coco_debug-vdso-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-coco_debug-vdso-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-coco_debug-vdso-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "kselftests-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "kselftests-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "ocfs2-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "ocfs2-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product: { name: "reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", product_id: "reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product: { name: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-confidential-computing:15:sp6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, product_reference: "kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, { category: "default_component_of", full_product_name: { name: "kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", }, product_reference: "kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, { category: "default_component_of", full_product_name: { name: "kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", }, product_reference: "kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, { category: "default_component_of", full_product_name: { name: "kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", }, product_reference: "kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", }, product_reference: "kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, { category: "default_component_of", full_product_name: { name: "kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", }, product_reference: "kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, product_reference: "kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", product_id: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", }, product_reference: "reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6", }, ], }, vulnerabilities: [ { cve: "CVE-2023-52924", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52924", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don't skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain->use count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain->use increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon't have been changed.\n\nThen, when set is culled, ->destroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52924", url: "https://www.suse.com/security/cve/CVE-2023-52924", }, { category: "external", summary: "SUSE Bug 1236821 for CVE-2023-52924", url: "https://bugzilla.suse.com/1236821", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 1.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "low", }, ], title: "CVE-2023-52924", }, { cve: "CVE-2023-52925", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-52925", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don't fail inserts if duplicate has expired\n\nnftables selftests fail:\nrun-tests.sh testcases/sets/0044interval_overlap_0\nExpected: 0-2 . 0-3, got:\nW: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1\n\nInsertion must ignore duplicate but expired entries.\n\nMoreover, there is a strange asymmetry in nft_pipapo_activate:\n\nIt refetches the current element, whereas the other ->activate callbacks\n(bitmap, hash, rhash, rbtree) use elem->priv.\nSame for .remove: other set implementations take elem->priv,\nnft_pipapo_remove fetches elem->priv, then does a relookup,\nremove this.\n\nI suspect this was the reason for the change that prompted the\nremoval of the expired check in pipapo_get() in the first place,\nbut skipping exired elements there makes no sense to me, this helper\nis used for normal get requests, insertions (duplicate check)\nand deactivate callback.\n\nIn first two cases expired elements must be skipped.\n\nFor ->deactivate(), this gets called for DELSETELEM, so it\nseems to me that expired elements should be skipped as well, i.e.\ndelete request should fail with -ENOENT error.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-52925", url: "https://www.suse.com/security/cve/CVE-2023-52925", }, { category: "external", summary: "SUSE Bug 1236822 for CVE-2023-52925", url: "https://bugzilla.suse.com/1236822", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2023-52925", }, { cve: "CVE-2024-26708", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-26708", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: really cope with fastopen race\n\nFastopen and PM-trigger subflow shutdown can race, as reported by\nsyzkaller.\n\nIn my first attempt to close such race, I missed the fact that\nthe subflow status can change again before the subflow_state_change\ncallback is invoked.\n\nAddress the issue additionally copying with all the states directly\nreachable from TCP_FIN_WAIT1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-26708", url: "https://www.suse.com/security/cve/CVE-2024-26708", }, { category: "external", summary: "SUSE Bug 1222672 for CVE-2024-26708", url: "https://bugzilla.suse.com/1222672", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-26708", }, { cve: "CVE-2024-26810", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-26810", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-26810", url: "https://www.suse.com/security/cve/CVE-2024-26810", }, { category: "external", summary: "SUSE Bug 1222803 for CVE-2024-26810", url: "https://bugzilla.suse.com/1222803", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-26810", }, { cve: "CVE-2024-41055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-41055", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section->usage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms->usage\" to fix a race with section_deactivate() where\nms->usage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-41055", url: "https://www.suse.com/security/cve/CVE-2024-41055", }, { category: "external", summary: "SUSE Bug 1228521 for CVE-2024-41055", url: "https://bugzilla.suse.com/1228521", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-41055", }, { cve: "CVE-2024-44974", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-44974", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: avoid possible UaF when selecting endp\n\nselect_local_address() and select_signal_address() both select an\nendpoint entry from the list inside an RCU protected section, but return\na reference to it, to be read later on. If the entry is dereferenced\nafter the RCU unlock, reading info could cause a Use-after-Free.\n\nA simple solution is to copy the required info while inside the RCU\nprotected section to avoid any risk of UaF later. The address ID might\nneed to be modified later to handle the ID0 case later, so a copy seems\nOK to deal with.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-44974", url: "https://www.suse.com/security/cve/CVE-2024-44974", }, { category: "external", summary: "SUSE Bug 1230235 for CVE-2024-44974", url: "https://bugzilla.suse.com/1230235", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-44974", }, { cve: "CVE-2024-45009", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-45009", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only decrement add_addr_accepted for MPJ req\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk->pm.add_addr_accepted == 0)\n\n... before decrementing the add_addr_accepted counter helped to find a\nbug when running the \"remove single subflow\" subtest from the\nmptcp_join.sh selftest.\n\nRemoving a 'subflow' endpoint will first trigger a RM_ADDR, then the\nsubflow closure. Before this patch, and upon the reception of the\nRM_ADDR, the other peer will then try to decrement this\nadd_addr_accepted. That's not correct because the attached subflows have\nnot been created upon the reception of an ADD_ADDR.\n\nA way to solve that is to decrement the counter only if the attached\nsubflow was an MP_JOIN to a remote id that was not 0, and initiated by\nthe host receiving the RM_ADDR.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-45009", url: "https://www.suse.com/security/cve/CVE-2024-45009", }, { category: "external", summary: "SUSE Bug 1230438 for CVE-2024-45009", url: "https://bugzilla.suse.com/1230438", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "low", }, ], title: "CVE-2024-45009", }, { cve: "CVE-2024-45010", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-45010", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only mark 'subflow' endp as available\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk->pm.local_addr_used == 0)\n\n... before decrementing the local_addr_used counter helped to find a bug\nwhen running the \"remove single address\" subtest from the mptcp_join.sh\nselftests.\n\nRemoving a 'signal' endpoint will trigger the removal of all subflows\nlinked to this endpoint via mptcp_pm_nl_rm_addr_or_subflow() with\nrm_type == MPTCP_MIB_RMSUBFLOW. This will decrement the local_addr_used\ncounter, which is wrong in this case because this counter is linked to\n'subflow' endpoints, and here it is a 'signal' endpoint that is being\nremoved.\n\nNow, the counter is decremented, only if the ID is being used outside\nof mptcp_pm_nl_rm_addr_or_subflow(), only for 'subflow' endpoints, and\nif the ID is not 0 -- local_addr_used is not taking into account these\nones. This marking of the ID as being available, and the decrement is\ndone no matter if a subflow using this ID is currently available,\nbecause the subflow could have been closed before.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-45010", url: "https://www.suse.com/security/cve/CVE-2024-45010", }, { category: "external", summary: "SUSE Bug 1230439 for CVE-2024-45010", url: "https://bugzilla.suse.com/1230439", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "low", }, ], title: "CVE-2024-45010", }, { cve: "CVE-2024-47701", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-47701", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n </TASK>\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-47701", url: "https://www.suse.com/security/cve/CVE-2024-47701", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-47701", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1231920 for CVE-2024-47701", url: "https://bugzilla.suse.com/1231920", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-47701", }, { cve: "CVE-2024-49884", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49884", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n <TASK>\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path->p_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49884", url: "https://www.suse.com/security/cve/CVE-2024-49884", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-49884", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232198 for CVE-2024-49884", url: "https://bugzilla.suse.com/1232198", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-49884", }, { cve: "CVE-2024-49950", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-49950", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-49950", url: "https://www.suse.com/security/cve/CVE-2024-49950", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-49950", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232159 for CVE-2024-49950", url: "https://bugzilla.suse.com/1232159", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-49950", }, { cve: "CVE-2024-50073", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50073", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n <TASK>\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50073", url: "https://www.suse.com/security/cve/CVE-2024-50073", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-50073", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232520 for CVE-2024-50073", url: "https://bugzilla.suse.com/1232520", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-50073", }, { cve: "CVE-2024-50085", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50085", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow\n\nSyzkaller reported this splat:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662\n\n CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline]\n mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572\n mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg net/socket.c:744 [inline]\n ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661\n __sys_sendmsg+0x117/0x1f0 net/socket.c:2690\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n RIP: 0023:0xf7fe4579\n Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00\n RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172\n RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n </TASK>\n\n Allocated by task 5387:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:878 [inline]\n kzalloc_noprof include/linux/slab.h:1014 [inline]\n subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803\n subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956\n __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline]\n tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167\n mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764\n __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592\n mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642\n mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline]\n mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943\n mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777\n process_one_work+0x958/0x1b30 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/ke\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50085", url: "https://www.suse.com/security/cve/CVE-2024-50085", }, { category: "external", summary: "SUSE Bug 1232508 for CVE-2024-50085", url: "https://bugzilla.suse.com/1232508", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-50085", }, { cve: "CVE-2024-50115", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50115", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn't using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM's much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it's only the nSVM flow\nthat is broken.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50115", url: "https://www.suse.com/security/cve/CVE-2024-50115", }, { category: "external", summary: "SUSE Bug 1225742 for CVE-2024-50115", url: "https://bugzilla.suse.com/1225742", }, { category: "external", summary: "SUSE Bug 1232919 for CVE-2024-50115", url: "https://bugzilla.suse.com/1232919", }, { category: "external", summary: "SUSE Bug 1233019 for CVE-2024-50115", url: "https://bugzilla.suse.com/1233019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-50115", }, { cve: "CVE-2024-50185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-50185", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle consistently DSS corruption\n\nBugged peer implementation can send corrupted DSS options, consistently\nhitting a few warning in the data path. Use DEBUG_NET assertions, to\navoid the splat on some builds and handle consistently the error, dumping\nrelated MIBs and performing fallback and/or reset according to the\nsubflow type.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-50185", url: "https://www.suse.com/security/cve/CVE-2024-50185", }, { category: "external", summary: "SUSE Bug 1233109 for CVE-2024-50185", url: "https://bugzilla.suse.com/1233109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-50185", }, { cve: "CVE-2024-53147", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53147", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix out-of-bounds access of directory entries\n\nIn the case of the directory size is greater than or equal to\nthe cluster size, if start_clu becomes an EOF cluster(an invalid\ncluster) due to file system corruption, then the directory entry\nwhere ei->hint_femp.eidx hint is outside the directory, resulting\nin an out-of-bounds access, which may cause further file system\ncorruption.\n\nThis commit adds a check for start_clu, if it is an invalid cluster,\nthe file or directory will be treated as empty.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53147", url: "https://www.suse.com/security/cve/CVE-2024-53147", }, { category: "external", summary: "SUSE Bug 1234857 for CVE-2024-53147", url: "https://bugzilla.suse.com/1234857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-53147", }, { cve: "CVE-2024-53173", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53173", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53173", url: "https://www.suse.com/security/cve/CVE-2024-53173", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-53173", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1234891 for CVE-2024-53173", url: "https://bugzilla.suse.com/1234891", }, { category: "external", summary: "SUSE Bug 1234892 for CVE-2024-53173", url: "https://bugzilla.suse.com/1234892", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-53173", }, { cve: "CVE-2024-53226", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53226", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()\n\nib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument.\nThe driver needs to check whether it is a NULL pointer before\ndereferencing it.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53226", url: "https://www.suse.com/security/cve/CVE-2024-53226", }, { category: "external", summary: "SUSE Bug 1236576 for CVE-2024-53226", url: "https://bugzilla.suse.com/1236576", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-53226", }, { cve: "CVE-2024-53239", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53239", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). But at this moment, the card object\nmight be still in use (as we're calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card's\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53239", url: "https://www.suse.com/security/cve/CVE-2024-53239", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-53239", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1235054 for CVE-2024-53239", url: "https://bugzilla.suse.com/1235054", }, { category: "external", summary: "SUSE Bug 1235055 for CVE-2024-53239", url: "https://bugzilla.suse.com/1235055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-53239", }, { cve: "CVE-2024-56539", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56539", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here ]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv->ssid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in->ssid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv->ssid,\n user_scan_in->ssid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn't account for the size of the one-element\narray, so it doesn't need to be changed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56539", url: "https://www.suse.com/security/cve/CVE-2024-56539", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-56539", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1234963 for CVE-2024-56539", url: "https://bugzilla.suse.com/1234963", }, { category: "external", summary: "SUSE Bug 1234964 for CVE-2024-56539", url: "https://bugzilla.suse.com/1234964", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-56539", }, { cve: "CVE-2024-56548", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56548", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don't query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] <TASK>\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56548", url: "https://www.suse.com/security/cve/CVE-2024-56548", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-56548", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1235073 for CVE-2024-56548", url: "https://bugzilla.suse.com/1235073", }, { category: "external", summary: "SUSE Bug 1235074 for CVE-2024-56548", url: "https://bugzilla.suse.com/1235074", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-56548", }, { cve: "CVE-2024-56568", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56568", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/arm-smmu: Defer probe of clients after smmu device bound\n\nNull pointer dereference occurs due to a race between smmu\ndriver probe and client driver probe, when of_dma_configure()\nfor client is called after the iommu_device_register() for smmu driver\nprobe has executed but before the driver_bound() for smmu driver\nhas been called.\n\nFollowing is how the race occurs:\n\nT1:Smmu device probe\t\tT2: Client device probe\n\nreally_probe()\narm_smmu_device_probe()\niommu_device_register()\n\t\t\t\t\treally_probe()\n\t\t\t\t\tplatform_dma_configure()\n\t\t\t\t\tof_dma_configure()\n\t\t\t\t\tof_dma_configure_id()\n\t\t\t\t\tof_iommu_configure()\n\t\t\t\t\tiommu_probe_device()\n\t\t\t\t\tiommu_init_device()\n\t\t\t\t\tarm_smmu_probe_device()\n\t\t\t\t\tarm_smmu_get_by_fwnode()\n\t\t\t\t\t\tdriver_find_device_by_fwnode()\n\t\t\t\t\t\tdriver_find_device()\n\t\t\t\t\t\tnext_device()\n\t\t\t\t\t\tklist_next()\n\t\t\t\t\t\t /* null ptr\n\t\t\t\t\t\t assigned to smmu */\n\t\t\t\t\t/* null ptr dereference\n\t\t\t\t\t while smmu->streamid_mask */\ndriver_bound()\n\tklist_add_tail()\n\nWhen this null smmu pointer is dereferenced later in\narm_smmu_probe_device, the device crashes.\n\nFix this by deferring the probe of the client device\nuntil the smmu device has bound to the arm smmu driver.\n\n[will: Add comment]", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56568", url: "https://www.suse.com/security/cve/CVE-2024-56568", }, { category: "external", summary: "SUSE Bug 1235032 for CVE-2024-56568", url: "https://bugzilla.suse.com/1235032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-56568", }, { cve: "CVE-2024-56579", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56579", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56579", url: "https://www.suse.com/security/cve/CVE-2024-56579", }, { category: "external", summary: "SUSE Bug 1236575 for CVE-2024-56579", url: "https://bugzilla.suse.com/1236575", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-56579", }, { cve: "CVE-2024-56605", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56605", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56605", url: "https://www.suse.com/security/cve/CVE-2024-56605", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-56605", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1235061 for CVE-2024-56605", url: "https://bugzilla.suse.com/1235061", }, { category: "external", summary: "SUSE Bug 1235062 for CVE-2024-56605", url: "https://bugzilla.suse.com/1235062", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-56605", }, { cve: "CVE-2024-56647", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56647", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix icmp host relookup triggering ip_rt_bug\n\narp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:\n\nWARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20\nModules linked in:\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:ip_rt_bug+0x14/0x20\nCall Trace:\n <IRQ>\n ip_send_skb+0x14/0x40\n __icmp_send+0x42d/0x6a0\n ipv4_link_failure+0xe2/0x1d0\n arp_error_report+0x3c/0x50\n neigh_invalidate+0x8d/0x100\n neigh_timer_handler+0x2e1/0x330\n call_timer_fn+0x21/0x120\n __run_timer_base.part.0+0x1c9/0x270\n run_timer_softirq+0x4c/0x80\n handle_softirqs+0xac/0x280\n irq_exit_rcu+0x62/0x80\n sysvec_apic_timer_interrupt+0x77/0x90\n\nThe script below reproduces this scenario:\nip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \\\n\tdir out priority 0 ptype main flag localok icmp\nip l a veth1 type veth\nip a a 192.168.141.111/24 dev veth0\nip l s veth0 up\nping 192.168.141.155 -c 1\n\nicmp_route_lookup() create input routes for locally generated packets\nwhile xfrm relookup ICMP traffic.Then it will set input route\n(dst->out = ip_rt_bug) to skb for DESTUNREACH.\n\nFor ICMP err triggered by locally generated packets, dst->dev of output\nroute is loopback. Generally, xfrm relookup verification is not required\non loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).\n\nSkip icmp relookup for locally generated packets to fix it.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56647", url: "https://www.suse.com/security/cve/CVE-2024-56647", }, { category: "external", summary: "SUSE Bug 1235435 for CVE-2024-56647", url: "https://bugzilla.suse.com/1235435", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-56647", }, { cve: "CVE-2024-56720", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56720", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Several fixes to bpf_msg_pop_data\n\nSeveral fixes to bpf_msg_pop_data,\n1. In sk_msg_shift_left, we should put_page\n2. if (len == 0), return early is better\n3. pop the entire sk_msg (last == msg->sg.size) should be supported\n4. Fix for the value of variable \"a\"\n5. In sk_msg_shift_left, after shifting, i has already pointed to the next\nelement. Addtional sk_msg_iter_var_next may result in BUG.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56720", url: "https://www.suse.com/security/cve/CVE-2024-56720", }, { category: "external", summary: "SUSE Bug 1235592 for CVE-2024-56720", url: "https://bugzilla.suse.com/1235592", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-56720", }, { cve: "CVE-2024-57889", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-57889", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking\n\nIf a device uses MCP23xxx IO expander to receive IRQs, the following\nbug can happen:\n\n BUG: sleeping function called from invalid context\n at kernel/locking/mutex.c:283\n in_atomic(): 1, irqs_disabled(): 1, non_block: 0, ...\n preempt_count: 1, expected: 0\n ...\n Call Trace:\n ...\n __might_resched+0x104/0x10e\n __might_sleep+0x3e/0x62\n mutex_lock+0x20/0x4c\n regmap_lock_mutex+0x10/0x18\n regmap_update_bits_base+0x2c/0x66\n mcp23s08_irq_set_type+0x1ae/0x1d6\n __irq_set_trigger+0x56/0x172\n __setup_irq+0x1e6/0x646\n request_threaded_irq+0xb6/0x160\n ...\n\nWe observed the problem while experimenting with a touchscreen driver which\nused MCP23017 IO expander (I2C).\n\nThe regmap in the pinctrl-mcp23s08 driver uses a mutex for protection from\nconcurrent accesses, which is the default for regmaps without .fast_io,\n.disable_locking, etc.\n\nmcp23s08_irq_set_type() calls regmap_update_bits_base(), and the latter\nlocks the mutex.\n\nHowever, __setup_irq() locks desc->lock spinlock before calling these\nfunctions. As a result, the system tries to lock the mutex whole holding\nthe spinlock.\n\nIt seems, the internal regmap locks are not needed in this driver at all.\nmcp->lock seems to protect the regmap from concurrent accesses already,\nexcept, probably, in mcp_pinconf_get/set.\n\nmcp23s08_irq_set_type() and mcp23s08_irq_mask/unmask() are called under\nchip_bus_lock(), which calls mcp23s08_irq_bus_lock(). The latter takes\nmcp->lock and enables regmap caching, so that the potentially slow I2C\naccesses are deferred until chip_bus_unlock().\n\nThe accesses to the regmap from mcp23s08_probe_one() do not need additional\nlocking.\n\nIn all remaining places where the regmap is accessed, except\nmcp_pinconf_get/set(), the driver already takes mcp->lock.\n\nThis patch adds locking in mcp_pinconf_get/set() and disables internal\nlocking in the regmap config. Among other things, it fixes the sleeping\nin atomic context described above.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-57889", url: "https://www.suse.com/security/cve/CVE-2024-57889", }, { category: "external", summary: "SUSE Bug 1236573 for CVE-2024-57889", url: "https://bugzilla.suse.com/1236573", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2024-57889", }, { cve: "CVE-2024-57948", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-57948", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: check local interfaces before deleting sdata list\n\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\n\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\nhardware device from the system.\n\nCPU0\t\t\t\t\tCPU1\n====\t\t\t\t\t====\ngenl_family_rcv_msg_doit\t\tieee802154_unregister_hw\nieee802154_del_iface\t\t\tieee802154_remove_interfaces\nrdev_del_virtual_intf_deprecated\tlist_del(&sdata->list)\nieee802154_if_remove\nlist_del_rcu\n\nThe net device has been unregistered, since the rcu grace period,\nunregistration must be run before ieee802154_if_remove.\n\nTo avoid this issue, add a check for local->interfaces before deleting\nsdata list.\n\n[1]\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6277 Comm: syz-executor157 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:__list_del_entry_valid_or_report+0xf4/0x140 lib/list_debug.c:56\nCode: e8 a1 7e 00 07 90 0f 0b 48 c7 c7 e0 37 60 8c 4c 89 fe e8 8f 7e 00 07 90 0f 0b 48 c7 c7 40 38 60 8c 4c 89 fe e8 7d 7e 00 07 90 <0f> 0b 48 c7 c7 a0 38 60 8c 4c 89 fe e8 6b 7e 00 07 90 0f 0b 48 c7\nRSP: 0018:ffffc9000490f3d0 EFLAGS: 00010246\nRAX: 000000000000004e RBX: dead000000000122 RCX: d211eee56bb28d00\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88805b278dd8 R08: ffffffff8174a12c R09: 1ffffffff2852f0d\nR10: dffffc0000000000 R11: fffffbfff2852f0e R12: dffffc0000000000\nR13: dffffc0000000000 R14: dead000000000100 R15: ffff88805b278cc0\nFS: 0000555572f94380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056262e4a3000 CR3: 0000000078496000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n <TASK>\n __list_del_entry_valid include/linux/list.h:124 [inline]\n __list_del_entry include/linux/list.h:215 [inline]\n list_del_rcu include/linux/rculist.h:157 [inline]\n ieee802154_if_remove+0x86/0x1e0 net/mac802154/iface.c:687\n rdev_del_virtual_intf_deprecated net/ieee802154/rdev-ops.h:24 [inline]\n ieee802154_del_iface+0x2c0/0x5c0 net/ieee802154/nl-phy.c:323\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:744\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607\n ___sys_sendmsg net/socket.c:2661 [inline]\n __sys_sendmsg+0x292/0x380 net/socket.c:2690\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-57948", url: "https://www.suse.com/security/cve/CVE-2024-57948", }, { category: "external", summary: "SUSE Bug 1236677 for CVE-2024-57948", url: "https://bugzilla.suse.com/1236677", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2024-57948", }, { cve: "CVE-2025-21636", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21636", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.probe_interval' is\nused.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21636", url: "https://www.suse.com/security/cve/CVE-2025-21636", }, { category: "external", summary: "SUSE Bug 1236113 for CVE-2025-21636", url: "https://bugzilla.suse.com/1236113", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21636", }, { cve: "CVE-2025-21637", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21637", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: udp_port: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, but that would\nincrease the size of this fix, while 'sctp.ctl_sock' still needs to be\nretrieved from 'net' structure.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21637", url: "https://www.suse.com/security/cve/CVE-2025-21637", }, { category: "external", summary: "SUSE Bug 1236114 for CVE-2025-21637", url: "https://bugzilla.suse.com/1236114", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21637", }, { cve: "CVE-2025-21638", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21638", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, but that would\nincrease the size of this fix, while 'sctp.ctl_sock' still needs to be\nretrieved from 'net' structure.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21638", url: "https://www.suse.com/security/cve/CVE-2025-21638", }, { category: "external", summary: "SUSE Bug 1236115 for CVE-2025-21638", url: "https://bugzilla.suse.com/1236115", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21638", }, { cve: "CVE-2025-21639", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21639", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.rto_min/max' is used.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21639", url: "https://www.suse.com/security/cve/CVE-2025-21639", }, { category: "external", summary: "SUSE Bug 1236122 for CVE-2025-21639", url: "https://bugzilla.suse.com/1236122", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21639", }, { cve: "CVE-2025-21640", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21640", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.sctp_hmac_alg' is\nused.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21640", url: "https://www.suse.com/security/cve/CVE-2025-21640", }, { category: "external", summary: "SUSE Bug 1236123 for CVE-2025-21640", url: "https://bugzilla.suse.com/1236123", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21640", }, { cve: "CVE-2025-21647", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21647", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: add bounds checks to host bulk flow fairness counts\n\nEven though we fixed a logic error in the commit cited below, syzbot\nstill managed to trigger an underflow of the per-host bulk flow\ncounters, leading to an out of bounds memory access.\n\nTo avoid any such logic errors causing out of bounds memory accesses,\nthis commit factors out all accesses to the per-host bulk flow counters\nto a series of helpers that perform bounds-checking before any\nincrements and decrements. This also has the benefit of improving\nreadability by moving the conditional checks for the flow mode into\nthese helpers, instead of having them spread out throughout the\ncode (which was the cause of the original logic error).\n\nAs part of this change, the flow quantum calculation is consolidated\ninto a helper function, which means that the dithering applied to the\nost load scaling is now applied both in the DRR rotation and when a\nsparse flow's quantum is first initiated. The only user-visible effect\nof this is that the maximum packet size that can be sent while a flow\nstays sparse will now vary with +/- one byte in some cases. This should\nnot make a noticeable difference in practice, and thus it's not worth\ncomplicating the code to preserve the old behaviour.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21647", url: "https://www.suse.com/security/cve/CVE-2025-21647", }, { category: "external", summary: "SUSE Bug 1236133 for CVE-2025-21647", url: "https://bugzilla.suse.com/1236133", }, { category: "external", summary: "SUSE Bug 1236134 for CVE-2025-21647", url: "https://bugzilla.suse.com/1236134", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2025-21647", }, { cve: "CVE-2025-21680", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21680", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev->imix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type 'imix_pkt [20]'\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n<TASK>\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ]", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21680", url: "https://www.suse.com/security/cve/CVE-2025-21680", }, { category: "external", summary: "SUSE Bug 1236700 for CVE-2025-21680", url: "https://bugzilla.suse.com/1236700", }, { category: "external", summary: "SUSE Bug 1236701 for CVE-2025-21680", url: "https://bugzilla.suse.com/1236701", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2025-21680", }, { cve: "CVE-2025-21684", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21684", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: xilinx: Convert gpio_lock to raw spinlock\n\nirq_chip functions may be called in raw spinlock context. Therefore, we\nmust also use a raw spinlock for our own internal locking.\n\nThis fixes the following lockdep splat:\n\n[ 5.349336] =============================\n[ 5.353349] [ BUG: Invalid wait context ]\n[ 5.357361] 6.13.0-rc5+ #69 Tainted: G W\n[ 5.363031] -----------------------------\n[ 5.367045] kworker/u17:1/44 is trying to lock:\n[ 5.371587] ffffff88018b02c0 (&chip->gpio_lock){....}-{3:3}, at: xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.380079] other info that might help us debug this:\n[ 5.385138] context-{5:5}\n[ 5.387762] 5 locks held by kworker/u17:1/44:\n[ 5.392123] #0: ffffff8800014958 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3204)\n[ 5.402260] #1: ffffffc082fcbdd8 (deferred_probe_work){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3205)\n[ 5.411528] #2: ffffff880172c900 (&dev->mutex){....}-{4:4}, at: __device_attach (drivers/base/dd.c:1006)\n[ 5.419929] #3: ffffff88039c8268 (request_class#2){+.+.}-{4:4}, at: __setup_irq (kernel/irq/internals.h:156 kernel/irq/manage.c:1596)\n[ 5.428331] #4: ffffff88039c80c8 (lock_class#2){....}-{2:2}, at: __setup_irq (kernel/irq/manage.c:1614)\n[ 5.436472] stack backtrace:\n[ 5.439359] CPU: 2 UID: 0 PID: 44 Comm: kworker/u17:1 Tainted: G W 6.13.0-rc5+ #69\n[ 5.448690] Tainted: [W]=WARN\n[ 5.451656] Hardware name: xlnx,zynqmp (DT)\n[ 5.455845] Workqueue: events_unbound deferred_probe_work_func\n[ 5.461699] Call trace:\n[ 5.464147] show_stack+0x18/0x24 C\n[ 5.467821] dump_stack_lvl (lib/dump_stack.c:123)\n[ 5.471501] dump_stack (lib/dump_stack.c:130)\n[ 5.474824] __lock_acquire (kernel/locking/lockdep.c:4828 kernel/locking/lockdep.c:4898 kernel/locking/lockdep.c:5176)\n[ 5.478758] lock_acquire (arch/arm64/include/asm/percpu.h:40 kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851 kernel/locking/lockdep.c:5814)\n[ 5.482429] _raw_spin_lock_irqsave (include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 5.486797] xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.490737] irq_enable (kernel/irq/internals.h:236 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345)\n[ 5.494060] __irq_startup (kernel/irq/internals.h:241 kernel/irq/chip.c:180 kernel/irq/chip.c:250)\n[ 5.497645] irq_startup (kernel/irq/chip.c:270)\n[ 5.501143] __setup_irq (kernel/irq/manage.c:1807)\n[ 5.504728] request_threaded_irq (kernel/irq/manage.c:2208)", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21684", url: "https://www.suse.com/security/cve/CVE-2025-21684", }, { category: "external", summary: "SUSE Bug 1236952 for CVE-2025-21684", url: "https://bugzilla.suse.com/1236952", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21684", }, { cve: "CVE-2025-21687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21687", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: check the bounds of read/write syscalls\n\ncount and offset are passed from user space and not checked, only\noffset is capped to 40 bits, which can be used to read/write out of\nbounds of the device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21687", url: "https://www.suse.com/security/cve/CVE-2025-21687", }, { category: "external", summary: "SUSE Bug 1237045 for CVE-2025-21687", url: "https://bugzilla.suse.com/1237045", }, { category: "external", summary: "SUSE Bug 1237046 for CVE-2025-21687", url: "https://bugzilla.suse.com/1237046", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2025-21687", }, { cve: "CVE-2025-21688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21688", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Assign job pointer to NULL before signaling the fence\n\nIn commit e4b5ccd392b9 (\"drm/v3d: Ensure job pointer is set to NULL\nafter job completion\"), we introduced a change to assign the job pointer\nto NULL after completing a job, indicating job completion.\n\nHowever, this approach created a race condition between the DRM\nscheduler workqueue and the IRQ execution thread. As soon as the fence is\nsignaled in the IRQ execution thread, a new job starts to be executed.\nThis results in a race condition where the IRQ execution thread sets the\njob pointer to NULL simultaneously as the `run_job()` function assigns\na new job to the pointer.\n\nThis race condition can lead to a NULL pointer dereference if the IRQ\nexecution thread sets the job pointer to NULL after `run_job()` assigns\nit to the new job. When the new job completes and the GPU emits an\ninterrupt, `v3d_irq()` is triggered, potentially causing a crash.\n\n[ 466.310099] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n[ 466.318928] Mem abort info:\n[ 466.321723] ESR = 0x0000000096000005\n[ 466.325479] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 466.330807] SET = 0, FnV = 0\n[ 466.333864] EA = 0, S1PTW = 0\n[ 466.337010] FSC = 0x05: level 1 translation fault\n[ 466.341900] Data abort info:\n[ 466.344783] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[ 466.350285] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 466.355350] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 466.360677] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000089772000\n[ 466.367140] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 466.375875] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n[ 466.382163] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device algif_hash algif_skcipher af_alg bnep binfmt_misc vc4 snd_soc_hdmi_codec drm_display_helper cec brcmfmac_wcc spidev rpivid_hevc(C) drm_client_lib brcmfmac hci_uart drm_dma_helper pisp_be btbcm brcmutil snd_soc_core aes_ce_blk v4l2_mem2mem bluetooth aes_ce_cipher snd_compress videobuf2_dma_contig ghash_ce cfg80211 gf128mul snd_pcm_dmaengine videobuf2_memops ecdh_generic sha2_ce ecc videobuf2_v4l2 snd_pcm v3d sha256_arm64 rfkill videodev snd_timer sha1_ce libaes gpu_sched snd videobuf2_common sha1_generic drm_shmem_helper mc rp1_pio drm_kms_helper raspberrypi_hwmon spi_bcm2835 gpio_keys i2c_brcmstb rp1 raspberrypi_gpiomem rp1_mailbox rp1_adc nvmem_rmem uio_pdrv_genirq uio i2c_dev drm ledtrig_pattern drm_panel_orientation_quirks backlight fuse dm_mod ip_tables x_tables ipv6\n[ 466.458429] CPU: 0 UID: 1000 PID: 2008 Comm: chromium Tainted: G C 6.13.0-v8+ #18\n[ 466.467336] Tainted: [C]=CRAP\n[ 466.470306] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT)\n[ 466.476157] pstate: 404000c9 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 466.483143] pc : v3d_irq+0x118/0x2e0 [v3d]\n[ 466.487258] lr : __handle_irq_event_percpu+0x60/0x228\n[ 466.492327] sp : ffffffc080003ea0\n[ 466.495646] x29: ffffffc080003ea0 x28: ffffff80c0c94200 x27: 0000000000000000\n[ 466.502807] x26: ffffffd08dd81d7b x25: ffffff80c0c94200 x24: ffffff8003bdc200\n[ 466.509969] x23: 0000000000000001 x22: 00000000000000a7 x21: 0000000000000000\n[ 466.517130] x20: ffffff8041bb0000 x19: 0000000000000001 x18: 0000000000000000\n[ 466.524291] x17: ffffffafadfb0000 x16: ffffffc080000000 x15: 0000000000000000\n[ 466.531452] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 466.538613] x11: 0000000000000000 x10: 0000000000000000 x9 : ffffffd08c527eb0\n[ 466.545777] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n[ 466.552941] x5 : ffffffd08c4100d0 x4 : ffffffafadfb0000 x3 : ffffffc080003f70\n[ 466.560102] x2 : ffffffc0829e8058 x1 : 0000000000000001 x0 : 0000000000000000\n[ 466.567263] Call trace:\n[ 466.569711] v3d_irq+0x118/0x2e0 [v3d] (P)\n[ 466.\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21688", url: "https://www.suse.com/security/cve/CVE-2025-21688", }, { category: "external", summary: "SUSE Bug 1237007 for CVE-2025-21688", url: "https://bugzilla.suse.com/1237007", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21688", }, { cve: "CVE-2025-21689", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21689", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n\nThis patch addresses a null-ptr-deref in qt2_process_read_urb() due to\nan incorrect bounds check in the following:\n\n if (newport > serial->num_ports) {\n dev_err(&port->dev,\n \"%s - port change to invalid port: %i\\n\",\n __func__, newport);\n break;\n }\n\nThe condition doesn't account for the valid range of the serial->port\nbuffer, which is from 0 to serial->num_ports - 1. When newport is equal\nto serial->num_ports, the assignment of \"port\" in the\nfollowing code is out-of-bounds and NULL:\n\n serial_priv->current_port = newport;\n port = serial->port[serial_priv->current_port];\n\nThe fix checks if newport is greater than or equal to serial->num_ports\nindicating it is out-of-bounds.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21689", url: "https://www.suse.com/security/cve/CVE-2025-21689", }, { category: "external", summary: "SUSE Bug 1237017 for CVE-2025-21689", url: "https://bugzilla.suse.com/1237017", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21689", }, { cve: "CVE-2025-21690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21690", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there's a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn't DoS the VM.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21690", url: "https://www.suse.com/security/cve/CVE-2025-21690", }, { category: "external", summary: "SUSE Bug 1237025 for CVE-2025-21690", url: "https://bugzilla.suse.com/1237025", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21690", }, { cve: "CVE-2025-21692", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21692", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan <g1042620637@gmail.com> found that ets_class_from_arg() can\nindex an Out-Of-Bound class in ets_class_from_arg() when passed clid of\n0. The overflow may cause local privilege escalation.\n\n [ 18.852298] ------------[ cut here ]------------\n [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20\n [ 18.853743] index 18446744073709551615 is out of range for type 'ets_class [16]'\n [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17\n [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [ 18.856532] Call Trace:\n [ 18.857441] <TASK>\n [ 18.858227] dump_stack_lvl+0xc2/0xf0\n [ 18.859607] dump_stack+0x10/0x20\n [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0\n [ 18.864022] ets_class_change+0x3d6/0x3f0\n [ 18.864322] tc_ctl_tclass+0x251/0x910\n [ 18.864587] ? lock_acquire+0x5e/0x140\n [ 18.865113] ? __mutex_lock+0x9c/0xe70\n [ 18.866009] ? __mutex_lock+0xa34/0xe70\n [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0\n [ 18.866806] ? __lock_acquire+0x578/0xc10\n [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n [ 18.867503] netlink_rcv_skb+0x59/0x110\n [ 18.867776] rtnetlink_rcv+0x15/0x30\n [ 18.868159] netlink_unicast+0x1c3/0x2b0\n [ 18.868440] netlink_sendmsg+0x239/0x4b0\n [ 18.868721] ____sys_sendmsg+0x3e2/0x410\n [ 18.869012] ___sys_sendmsg+0x88/0xe0\n [ 18.869276] ? rseq_ip_fixup+0x198/0x260\n [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190\n [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0\n [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220\n [ 18.870547] ? do_syscall_64+0x93/0x150\n [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290\n [ 18.871157] __sys_sendmsg+0x69/0xd0\n [ 18.871416] __x64_sys_sendmsg+0x1d/0x30\n [ 18.871699] x64_sys_call+0x9e2/0x2670\n [ 18.871979] do_syscall_64+0x87/0x150\n [ 18.873280] ? do_syscall_64+0x93/0x150\n [ 18.874742] ? lock_release+0x7b/0x160\n [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0\n [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210\n [ 18.879608] ? irqentry_exit+0x77/0xb0\n [ 18.879808] ? clear_bhb_loop+0x15/0x70\n [ 18.880023] ? clear_bhb_loop+0x15/0x70\n [ 18.880223] ? clear_bhb_loop+0x15/0x70\n [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [ 18.880683] RIP: 0033:0x44a957\n [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10\n [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957\n [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003\n [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0\n [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001\n [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001\n [ 18.888395] </TASK>\n [ 18.888610] ---[ end trace ]---", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21692", url: "https://www.suse.com/security/cve/CVE-2025-21692", }, { category: "external", summary: "SUSE Bug 1237028 for CVE-2025-21692", url: "https://bugzilla.suse.com/1237028", }, { category: "external", summary: "SUSE Bug 1237048 for CVE-2025-21692", url: "https://bugzilla.suse.com/1237048", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "important", }, ], title: "CVE-2025-21692", }, { cve: "CVE-2025-21697", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21697", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Ensure job pointer is set to NULL after job completion\n\nAfter a job completes, the corresponding pointer in the device must\nbe set to NULL. Failing to do so triggers a warning when unloading\nthe driver, as it appears the job is still active. To prevent this,\nassign the job pointer to NULL after completing the job, indicating\nthe job has finished.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21697", url: "https://www.suse.com/security/cve/CVE-2025-21697", }, { category: "external", summary: "SUSE Bug 1237132 for CVE-2025-21697", url: "https://bugzilla.suse.com/1237132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "low", }, ], title: "CVE-2025-21697", }, { cve: "CVE-2025-21699", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21699", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Truncate address space when flipping GFS2_DIF_JDATA flag\n\nTruncate an inode's address space when flipping the GFS2_DIF_JDATA flag:\ndepending on that flag, the pages in the address space will either use\nbuffer heads or iomap_folio_state structs, and we cannot mix the two.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21699", url: "https://www.suse.com/security/cve/CVE-2025-21699", }, { category: "external", summary: "SUSE Bug 1237139 for CVE-2025-21699", url: "https://bugzilla.suse.com/1237139", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21699", }, { cve: "CVE-2025-21700", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-21700", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug <=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann <nnamrec@gmail.com>", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-21700", url: "https://www.suse.com/security/cve/CVE-2025-21700", }, { category: "external", summary: "SUSE Bug 1237159 for CVE-2025-21700", url: "https://bugzilla.suse.com/1237159", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.18.coco15sp6.1.noarch", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.18.coco15sp6.1.x86_64", "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.18.coco15sp6.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-05T13:04:51Z", details: "moderate", }, ], title: "CVE-2025-21700", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.