SUSE-SU-2021:2599-1
Vulnerability from csaf_suse - Published: 2021-08-03 12:46 - Updated: 2021-08-03 12:46Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)
The following non-security bugs were fixed:
- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).
- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).
- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).
- ACPI: Fix memory leak caused by _CID repair function (git-fixes).
- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).
- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).
- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).
- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).
- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).
- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).
- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).
- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).
- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).
- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).
- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: * context changes
- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).
- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).
- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).
- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in 'mtk_btcvsd_snd_probe()' (git-fixes).
- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).
- ata: ahci_sunxi: Disable DIPM (git-fixes).
- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).
- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).
- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).
- ath10k: remove unused more_frags variable (git-fixes).
- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).
- backlight: lm3630a_bl: Put fwnode in error case during ->probe() (git-fixes).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).
- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- brcmfmac: correctly report average RSSI in station info (git-fixes).
- brcmfmac: fix setting of station info chains bitmask (git-fixes).
- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).
- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).
- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).
- char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol() (git-fixes).
- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).
- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).
- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).
- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).
- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).
- clk: zynqmp: pll: Remove some dead code (git-fixes).
- clocksource: Retry clock read if long delays detected (git-fixes).
- cpufreq: sc520_freq: add 'fallthrough' to one case (git-fixes).
- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).
- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).
- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).
- crypto: qat - remove unused macro in FW loader (git-fixes).
- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).
- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).
- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).
- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).
- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).
- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).
- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: * context changes
- drm: qxl: ensure surf.data is ininitialized (git-fixes).
- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: * unsigned long -> uint32_t
- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: * only panel-samsung-s6d16d0.c exists
- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: * context changes * GEM_WARN_ON() -> WARN_ON()
- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).
- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: * context changes
- drm/radeon: wait for moving fence after pinning (git-fixes).
- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).
- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).
- drm/rockchip: dsi: remove extra component_del() call (git-fixes).
- drm/stm: Fix bus_flags handling (bsc#1152472)
- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: * context changes * vc4_hdmi -> vc4->hdmi
- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).
- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).
- extcon: max8997: Add missing modalias string (git-fixes).
- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).
- fm10k: Fix an error handling path in 'fm10k_probe()' (git-fixes).
- fpga: machxo2-spi: Address warning about unused variable (git-fixes).
- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).
- fuse: check connected before queueing on fpq->io (bsc#1188267).
- fuse: ignore PG_workingset after stealing (bsc#1188268).
- fuse: reject internal errno (bsc#1188269).
- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).
- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).
- gve: Fix an error handling path in 'gve_probe()' (git-fixes).
- gve: Fix swapped vars when fetching max queues (git-fixes).
- HID: do not use down_interruptible() when unbinding devices (git-fixes).
- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).
- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).
- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).
- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).
- i2c: dev: Add __user annotation (git-fixes).
- i2c: robotfuzz-osif: fix control-request directions (git-fixes).
- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).
- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).
- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).
- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).
- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
- ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114 ltc#192237).
- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).
- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adis_buffer: do not return ints in irq handlers (git-fixes).
- iio: adis16400: do not return ints in irq handlers (git-fixes).
- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).
- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).
- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).
- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).
- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).
- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: si1133: fix format string warnings (git-fixes).
- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).
- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).
- Input: usbtouchscreen - fix control-request directions (git-fixes).
- kABI: restore struct tcpc_config definition (git-fixes).
- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).
- leds: ktd2692: Fix an error handling path (git-fixes).
- leds: lm3532: select regmap I2C API (git-fixes).
- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).
- lib/decompressors: remove set but not used variabled 'level' (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- mac80211: drop pending frames on stop (git-fixes).
- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).
- mac80211: remove warning in ieee80211_get_sband() (git-fixes).
- math: Export mul_u64_u64_div_u64 (git-fixes).
- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).
- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).
- media: cobalt: fix race condition in setting HPD (git-fixes).
- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).
- media: dtv5100: fix control-request directions (git-fixes).
- media: dvb_net: avoid speculation from net slot (git-fixes).
- media: dvb-usb: fix wrong definition (git-fixes).
- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).
- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).
- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).
- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).
- media: Fix Media Controller API config checks (git-fixes).
- media: gspca/gl860: fix zero-length control requests (git-fixes).
- media: gspca/sq905: fix control-request direction (git-fixes).
- media: gspca/sunplus: fix zero-length control requests (git-fixes).
- media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).
- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).
- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: mtk-vcodec: fix PM runtime get logic (git-fixes).
- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).
- media: rc: i2c: Fix an error message (git-fixes).
- media: rtl28xxu: fix zero-length control request (git-fixes).
- media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).
- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).
- media: siano: fix device register error path (git-fixes).
- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).
- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).
- media: sti: fix obj-$(config) targets (git-fixes).
- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).
- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).
- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).
- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).
- memstick: rtsx_usb_ms: fix UAF (git-fixes).
- mmc: block: Disable CMDQ on the ioctl path (git-fixes).
- mmc: core: clear flags before allowing to retune (git-fixes).
- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).
- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).
- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).
- mmc: vub3000: fix control-request direction (git-fixes).
- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).
- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).
- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).
- mwifiex: re-fix for unaligned accesses (git-fixes).
- nvme: fix in-casule data send for chained sgls (git-fixes).
- nvme: introduce nvme_rdma_sgl structure (git-fixes).
- nvme: rerun io_work if req_list is not empty (git-fixes).
- nvme: verify MNAN value if ANA is enabled (bsc#1185791).
- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).
- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).
- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).
- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).
- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).
- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).
- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).
- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).
- reset: a10sr: add missing of_match_table reference (git-fixes).
- reset: bail if try_module_get() fails (git-fixes).
- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).
- Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
- Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rpm/kernel-binary.spec.in: Remove zdebug define used only once.
- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).
- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).
- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).
- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).
- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).
- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).
- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).
- serial: tegra-tcu: Reorder channel initialization (git-fixes).
- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).
- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).
- soundwire: stream: Fix test for DP prepare complete (git-fixes).
- spi: fspi: dynamically alloc AHB memory (bsc#1188121).
- spi: Make of_register_spi_device also set the fwnode (git-fixes).
- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).
- spi: omap-100k: Fix the length judgment problem (git-fixes).
- spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf' (git-fixes).
- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).
- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).
- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).
- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).
- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).
- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).
- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).
- spi: tegra114: Fix an error message (git-fixes).
- ssb: Fix error return code in ssb_bus_scan() (git-fixes).
- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).
- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).
- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).
- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).
- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).
- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).
- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).
- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).
- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).
- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).
- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).
- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).
- tracing: Fix parsing of 'sym-offset' modifier (git-fixes).
- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).
- tracing: Simplify and fix saved_tgids logic (git-fixes).
- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
- tty: nozomi: Fix the error handling path of 'nozomi_card_init()' (git-fixes).
- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).
- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).
- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).
- usb: dwc3: Fix debugfs creation flow (git-fixes).
- usb: gadget: eem: fix echo command packet response issue (git-fixes).
- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).
- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).
- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).
- usb: typec: fusb302: fix 'op-sink-microwatt' default that was in mW (git-fixes).
- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).
- usb: typec: tcpm: Move mod_delayed_work(port->vdm_state_machine) call into tcpm_queue_vdm() (git-fixes).
- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).
- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).
- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).
- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).
- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).
- usb: typec: ucsi: Hold con->lock for the entire duration of ucsi_register_port() (git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).
- UsrMerge the kernel (boo#1184804)
- vfio: Handle concurrent vma faults (git-fixes).
- vfs: Convert functionfs to use the new mount API (git -fixes).
- video: fbdev: imxfb: Fix an error message (git-fixes).
- visorbus: fix error return code in visorchipset_init() (git-fixes).
- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).
- watchdog: aspeed: fix hardware timeout calculation (git-fixes).
- watchdog: sp805: Fix kernel doc description (git-fixes).
- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).
- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
- x86/kvm: Disable all PV features on crash (bsc#1185308).
- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).
- xhci: solve a double free problem while doing s4 (git-fixes).
Patchnames: SUSE-2021-2599,SUSE-SLE-Module-RT-15-SP2-2021-2599
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)\n- CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)\n- CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)\n- CVE-2021-35039: Fixed a bug where modules signature verification did not occur if CONFIG_MODULE_SIG is not set, regardless of the value of module.sig_enforce command-line argument. (bnc#1188080)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix synchronous external aborts in user-mode (git-fixes).\n- ACPI: bus: Call kobject_put() in acpi_init() error path (git-fixes).\n- ACPI: EC: Make more Asus laptops use ECDT _GPE (git-fixes).\n- ACPI: Fix memory leak caused by _CID repair function (git-fixes).\n- ACPI: processor idle: Fix up C-state latency if not ordered (git-fixes).\n- ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).\n- ACPI: resources: Add checks for ACPI IRQ override (git-fixes).\n- ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).\n- ALSA: hda/realtek: Add another ALC236 variant support (git-fixes).\n- ALSA: hda/realtek: Fix bass speaker DAC mapping for Asus UM431D (git-fixes).\n- ALSA: intel8x0: Fix breakage at ac97 clock measurement (git-fixes).\n- ALSA: isa: Fix error return code in snd_cmi8330_probe() (git-fixes).\n- ALSA: usb-audio: fix rate on Ozone Z90 USB headset (git-fixes).\n- ALSA: usb-audio: scarlett2: Fix wrong resume call (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mixer volumes at init time (git-fixes).\n- ALSA: usb-audio: scarlett2: Read mux at init time (git-fixes).\n- amdgpu: fix GEM obj leak in amdgpu_display_user_framebuffer_create (bsc#1152472) Backporting changes: \t* context changes\n- ASoC: atmel-i2s: Fix usage of capture and playback at the same time (git-fixes).\n- ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK (git-fixes).\n- ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup() (git-fixes).\n- ASoC: mediatek: mtk-btcvsd: Fix an error handling path in \u0027mtk_btcvsd_snd_probe()\u0027 (git-fixes).\n- ASoC: rsnd: tidyup loop on rsnd_adg_clk_query() (git-fixes).\n- ata: ahci_sunxi: Disable DIPM (git-fixes).\n- ath10k: add missing error return code in ath10k_pci_probe() (git-fixes).\n- ath10k: Fix an error code in ath10k_add_interface() (git-fixes).\n- ath10k: go to path err_unsupported when chip id is not supported (git-fixes).\n- ath10k: remove unused more_frags variable (git-fixes).\n- ath9k: Fix kernel NULL pointer dereference during ath_reset_internal() (git-fixes).\n- backlight: lm3630a_bl: Put fwnode in error case during -\u003eprobe() (git-fixes).\n- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).\n- blk-mq: In blk_mq_dispatch_rq_list() \u0027no budget\u0027 is a reason to kick (bsc#1180092).\n- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).\n- blk-mq: insert passthrough request into hctx-\u003edispatch directly (bsc#1180092).\n- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).\n- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).\n- Bluetooth: Fix handling of HCI_LE_Advertising_Set_Terminated event (git-fixes).\n- Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid (git-fixes).\n- bpftool: Properly close va_list \u0027ap\u0027 by va_end() on error (bsc#1155518).\n- brcmfmac: correctly report average RSSI in station info (git-fixes).\n- brcmfmac: fix setting of station info chains bitmask (git-fixes).\n- brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).\n- can: gw: synchronize rcu operations before removing gw job entry (git-fixes).\n- can: hi311x: hi3110_can_probe(): silence clang warning (git-fixes).\n- can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path (git-fixes).\n- cfg80211: call cfg80211_leave_ocb when switching away from OCB (git-fixes).\n- char: pcmcia: error out if \u0027num_bytes_read\u0027 is greater than 4 in set_protocol() (git-fixes).\n- clk: actions: Fix bisp_factor_table based clocks on Owl S500 SoC (git-fixes).\n- clk: actions: Fix SD clocks factor table on Owl S500 SoC (git-fixes).\n- clk: actions: Fix UART clock dividers on Owl S500 SoC (git-fixes).\n- clk: meson: g12a: fix gp0 and hifi ranges (git-fixes).\n- clk: si5341: Avoid divide errors due to bogus register contents (git-fixes).\n- clk: zynqmp: pll: Remove some dead code (git-fixes).\n- clocksource: Retry clock read if long delays detected (git-fixes).\n- cpufreq: sc520_freq: add \u0027fallthrough\u0027 to one case (git-fixes).\n- crypto: ccp - Fix a resource leak in an error handling path (git-fixes).\n- crypto: ixp4xx - dma_unmap the correct address (git-fixes).\n- crypto: nitrox - fix unchecked variable in nitrox_register_interrupts (git-fixes).\n- crypto: nx - add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: omap-sham - Fix PM reference leak in omap sham ops (git-fixes).\n- crypto: qat - check return code of qat_hal_rd_rel_reg() (git-fixes).\n- crypto: qat - remove unused macro in FW loader (git-fixes).\n- crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes).\n- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).\n- dmaengine: mediatek: do not issue a new desc if one is still current (git-fixes).\n- dmaengine: mediatek: free the proper desc in desc_free handler (git-fixes).\n- dmaengine: mediatek: use GFP_NOWAIT instead of GFP_ATOMIC in prep_dma (git-fixes).\n- dmaengine: rcar-dmac: Fix PM reference leak in rcar_dmac_probe() (git-fixes).\n- dmaengine: zynqmp_dma: Fix PM reference leak in zynqmp_dma_alloc_chan_resourc() (git-fixes).\n- dpaa2-eth: fix memory leak in XDP_REDIRECT (git-fixes).\n- drm: bridge/panel: Cleanup connector on bridge detach (bsc#1152489) Backporting changes: \t* context changes\n- drm: qxl: ensure surf.data is ininitialized (git-fixes).\n- drm/amdgpu: Do not query CE and UE errors (bsc#1152472) Backporting changes: \t* unsigned long -\u003e uint32_t\n- drm/mcde/panel: Inverse misunderstood flag (bsc#1152472) Backporting changes: \t* only panel-samsung-s6d16d0.c exists\n- drm/msm: Small msm_gem_purge() fix (bsc#1152489) Backporting changes: \t* context changes \t* GEM_WARN_ON() -\u003e WARN_ON()\n- drm/msm/dpu: Fix error return code in dpu_mdss_init() (git-fixes).\n- drm/nouveau: wait for moving fence after pinning v2 (git-fixes).\n- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect() (bsc#1152489) Backporting changes: \t* context changes\n- drm/radeon: wait for moving fence after pinning (git-fixes).\n- drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write() (git-fixes).\n- drm/rockchip: dsi: move all lane config except LCDC mux to bind() (git-fixes).\n- drm/rockchip: dsi: remove extra component_del() call (git-fixes).\n- drm/stm: Fix bus_flags handling (bsc#1152472)\n- drm/vc4: hdmi: Make sure the controller is powered in detect (bsc#1152489) Backporting changes: \t* context changes \t* vc4_hdmi -\u003e vc4-\u003ehdmi\n- extcon: extcon-max8997: Fix IRQ freeing at error path (git-fixes).\n- extcon: intel-mrfld: Sync hardware and software state on init (git-fixes).\n- extcon: max8997: Add missing modalias string (git-fixes).\n- extcon: sm5502: Drop invalid register write in sm5502_reg_data (git-fixes).\n- fbmem: add margin check to fb_check_caps() (git-fixes).\n- firmware: tegra: Fix error return code in tegra210_bpmp_init() (git-fixes).\n- fm10k: Fix an error handling path in \u0027fm10k_probe()\u0027 (git-fixes).\n- fpga: machxo2-spi: Address warning about unused variable (git-fixes).\n- fpga: stratix10-soc: Add missing fpga_mgr_free() call (git-fixes).\n- fuse: check connected before queueing on fpq-\u003eio (bsc#1188267).\n- fuse: ignore PG_workingset after stealing (bsc#1188268).\n- fuse: reject internal errno (bsc#1188269).\n- futex: fix shared futex pgoff on shmem huge page (git fixes (kernel/futex)).\n- gpio: AMD8111 and TQMX86 require HAS_IOPORT_MAP (git-fixes).\n- gve: Fix an error handling path in \u0027gve_probe()\u0027 (git-fixes).\n- gve: Fix swapped vars when fetching max queues (git-fixes).\n- HID: do not use down_interruptible() when unbinding devices (git-fixes).\n- HID: wacom: Correct base usage for capacitive ExpressKey status bits (git-fixes).\n- hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).\n- hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).\n- hwmon: (max31790) Fix pwmX_enable attributes (git-fixes).\n- hwmon: (max31790) Report correct current pwm duty cycles (git-fixes).\n- hwrng: exynos - Fix runtime PM imbalance on error (git-fixes).\n- i2c: dev: Add __user annotation (git-fixes).\n- i2c: robotfuzz-osif: fix control-request directions (git-fixes).\n- ibmvnic: account for bufs already saved in indir_buf (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).\n- ibmvnic: clean pending indirect buffs during reset (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290).\n- ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).\n- ibmvnic: fix kernel build warnings in build_hdr_descs_arr (bsc#1184114 ltc#192237).\n- ibmvnic: fix send_request_map incompatible argument (bsc#1184114 ltc#192237).\n- ibmvnic: free tx_pool if tso_pool alloc fails (bsc#1085224 ltc#164363).\n- ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).\n- ibmvnic: set ltb-\u003ebuff to NULL after freeing (bsc#1094840 ltc#167098).\n- ibmvnic: Use \u0027skb_frag_address()\u0027 instead of hand coding it (bsc#1184114 ltc#192237).\n- ibmvnic: Use list_for_each_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).\n- ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).\n- iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: mxc4005: Fix overread of data and alignment issue (git-fixes).\n- iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: at91-sama5d2: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: hx711: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: ti-ads8688: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: adis_buffer: do not return ints in irq handlers (git-fixes).\n- iio: adis16400: do not return ints in irq handlers (git-fixes).\n- iio: at91-sama5d2_adc: remove usage of iio_priv_to_dev() helper (git-fixes).\n- iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: tcs3472: do not free unallocated IRQ (git-fixes).\n- iio: light: tcs3472: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: light: vcnl4035: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: ltr501: ltr501_read_ps(): add missing endianness conversion (git-fixes).\n- iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR (git-fixes).\n- iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too (git-fixes).\n- iio: magn: bmc150: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: hmc5843: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: magn: rm3100: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: isl29501: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp() (git-fixes).\n- iio: si1133: fix format string warnings (git-fixes).\n- iio:accel:mxc4005: Drop unnecessary explicit casts in regmap_bulk_read calls (git-fixes).\n- Input: hil_kbd - fix error return code in hil_dev_connect() (git-fixes).\n- Input: usbtouchscreen - fix control-request directions (git-fixes).\n- kABI: restore struct tcpc_config definition (git-fixes).\n- leds: as3645a: Fix error return code in as3645a_parse_node() (git-fixes).\n- leds: ktd2692: Fix an error handling path (git-fixes).\n- leds: lm3532: select regmap I2C API (git-fixes).\n- lib: vsprintf: Fix handling of number field widths in vsscanf (git-fixes).\n- lib/decompressors: remove set but not used variabled \u0027level\u0027 (git-fixes).\n- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).\n- mac80211: drop pending frames on stop (git-fixes).\n- mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).\n- mac80211: remove iwlwifi specific workaround that broke sta NDP tx (git-fixes).\n- mac80211: remove warning in ieee80211_get_sband() (git-fixes).\n- math: Export mul_u64_u64_div_u64 (git-fixes).\n- media: au0828: fix a NULL vs IS_ERR() check (git-fixes).\n- media: bt8xx: Fix a missing check bug in bt878_probe (git-fixes).\n- media: cobalt: fix race condition in setting HPD (git-fixes).\n- media: cpia2: fix memory leak in cpia2_usb_probe (git-fixes).\n- media: dtv5100: fix control-request directions (git-fixes).\n- media: dvb_net: avoid speculation from net slot (git-fixes).\n- media: dvb-usb: fix wrong definition (git-fixes).\n- media: dvd_usb: memory leak in cinergyt2_fe_attach (git-fixes).\n- media: em28xx: Fix possible memory leak of em28xx struct (git-fixes).\n- media: exynos-gsc: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: exynos4-is: Fix a use after free in isp_video_release (git-fixes).\n- media: Fix Media Controller API config checks (git-fixes).\n- media: gspca/gl860: fix zero-length control requests (git-fixes).\n- media: gspca/sq905: fix control-request direction (git-fixes).\n- media: gspca/sunplus: fix zero-length control requests (git-fixes).\n- media: I2C: change \u0027RST\u0027 to \u0027RSET\u0027 to fix multiple build errors (git-fixes).\n- media: imx-csi: Skip first few frames from a BT.656 source (git-fixes).\n- media: imx: imx7_mipi_csis: Fix logging of only error event counters (git-fixes).\n- media: mdk-mdp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: mtk-vcodec: fix PM runtime get logic (git-fixes).\n- media: pvrusb2: fix warning in pvr2_i2c_core_done (git-fixes).\n- media: rc: i2c: Fix an error message (git-fixes).\n- media: rtl28xxu: fix zero-length control request (git-fixes).\n- media: s5p-g2d: Fix a memory leak on ctx-\u003efh.m2m_ctx (git-fixes).\n- media: s5p-jpeg: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: sh_vou: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: siano: fix device register error path (git-fixes).\n- media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2() (git-fixes).\n- media: st-hva: Fix potential NULL pointer dereferences (git-fixes).\n- media: sti: fix obj-$(config) targets (git-fixes).\n- media: sti/bdisp: fix pm_runtime_get_sync() usage count (git-fixes).\n- media: tc358743: Fix error return code in tc358743_probe_of() (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release (git-fixes).\n- media: zr364xx: fix memory leak in zr364xx_start_readpipe (git-fixes).\n- memory: atmel-ebi: add missing of_node_put for loop iteration (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).\n- memory: pl353: Fix error return code in pl353_smc_probe() (git-fixes).\n- memstick: rtsx_usb_ms: fix UAF (git-fixes).\n- mmc: block: Disable CMDQ on the ioctl path (git-fixes).\n- mmc: core: clear flags before allowing to retune (git-fixes).\n- mmc: sdhci-esdhc-imx: remove unused is_imx6q_usdhc (git-fixes).\n- mmc: sdhci-sprd: use sdhci_sprd_writew (git-fixes).\n- mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).\n- mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).\n- mmc: via-sdmmc: add a check against NULL pointer dereference (git-fixes).\n- mmc: vub3000: fix control-request direction (git-fixes).\n- mt76: fix possible NULL pointer dereference in mt76_tx (git-fixes).\n- mtd: partitions: redboot: seek fis-index-block in the right node (git-fixes).\n- mtd: rawnand: marvell: add missing clk_disable_unprepare() on error in marvell_nfc_resume() (git-fixes).\n- mwifiex: re-fix for unaligned accesses (git-fixes).\n- nvme: fix in-casule data send for chained sgls (git-fixes).\n- nvme: introduce nvme_rdma_sgl structure (git-fixes).\n- nvme: rerun io_work if req_list is not empty (git-fixes).\n- nvme: verify MNAN value if ANA is enabled (bsc#1185791).\n- PCI: Add AMD RS690 quirk to enable 64-bit DMA (git-fixes).\n- pinctrl: stm32: fix the reported number of GPIO lines per bank (git-fixes).\n- platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard() (git-fixes).\n- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation (git-fixes).\n- r8152: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- r8169: Avoid memcpy() over-reading of ETH_SS_STATS (git-fixes).\n- random32: Fix implicit truncation warning in prandom_seed_state() (git-fixes).\n- regulator: da9052: Ensure enough delay time for .set_voltage_time_sel (git-fixes).\n- regulator: hi655x: Fix pass wrong pointer to config.driver_data (git-fixes).\n- regulator: uniphier: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- reset: a10sr: add missing of_match_table reference (git-fixes).\n- reset: bail if try_module_get() fails (git-fixes).\n- reset: brcmstb: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- Revert \u0027ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro\u0027 (git-fixes).\n- Revert \u0027ibmvnic: remove duplicate napi_schedule call in open function\u0027 (bsc#1065729).\n- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).\n- rpm/kernel-binary.spec.in: Remove zdebug define used only once.\n- rsi: Assign beacon rate settings to the correct rate_info descriptor field (git-fixes).\n- rtc: fix snprintf() checking in is_rtc_hctosys() (git-fixes).\n- rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path (git-fixes).\n- scsi: qedf: Do not put host in qedf_vport_create() unconditionally (bsc#1170511).\n- serial: 8250: Actually allow UPF_MAGIC_MULTIPLIER baud rates (git-fixes).\n- serial: Add Option International GSM-Ready 56K/ISDN modem (git-fixes).\n- serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).\n- serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).\n- serial: mvebu-uart: fix calculation of clock divisor (git-fixes).\n- serial: remove wrong GLOBETROTTER.cis entry (git-fixes).\n- serial: tegra-tcu: Reorder channel initialization (git-fixes).\n- soc: fsl: qbman: Delete useless kfree code (bsc#1188176).\n- soc: fsl: qbman: Ensure device cleanup is run for kexec (bsc#1188176).\n- soundwire: stream: Fix test for DP prepare complete (git-fixes).\n- spi: fspi: dynamically alloc AHB memory (bsc#1188121).\n- spi: Make of_register_spi_device also set the fwnode (git-fixes).\n- spi: nxp-fspi: Use devm API to fix missed unregistration of controller (bsc#1188121).\n- spi: omap-100k: Fix the length judgment problem (git-fixes).\n- spi: spi-loopback-test: Fix \u0027tx_buf\u0027 might be \u0027rx_buf\u0027 (git-fixes).\n- spi: spi-nxp-fspi: Add ACPI support (bsc#1188121).\n- spi: spi-nxp-fspi: Add support for IP read only (bsc#1188121).\n- spi: spi-nxp-fspi: Enable the Octal Mode in MCR0 (bsc#1188121).\n- spi: spi-nxp-fspi: Fix a NULL vs IS_ERR() check in probe (bsc#1188121).\n- spi: spi-nxp-fspi: Implement errata workaround for LS1028A (bsc#1188121).\n- spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).\n- spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages() (git-fixes).\n- spi: stm32-qspi: Remove unused qspi field of struct stm32_qspi_flash (git-fixes).\n- spi: tegra114: Fix an error message (git-fixes).\n- ssb: Fix error return code in ssb_bus_scan() (git-fixes).\n- ssb: sdio: Do not overwrite const buffer if block_write fails (git-fixes).\n- staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt() (git-fixes).\n- staging: gdm724x: check for overflow in gdm_lte_netif_rx() (git-fixes).\n- staging: rtl8712: fix memory leak in rtl871x_load_fw_cb (git-fixes).\n- staging: rtl8712: remove redundant check in r871xu_drv_init (git-fixes).\n- tcp: Remove superfluous BH-disable around listening_hash (bsc#1188525).\n- thermal/drivers/rcar_gen3_thermal: Fix coefficient calculations (git-fixes).\n- tpm: Decorate tpm_get_timeouts() with request_locality() (bsc#1188036).\n- tpm: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1188036).\n- tpm: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1188036).\n- tpm: Reserve locality in tpm_tis_resume() (bsc#1188036).\n- tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing (git-fixes).\n- tracing: Fix parsing of \u0027sym-offset\u0027 modifier (git-fixes).\n- tracing: Resize tgid_map to pid_max, not PID_MAX_DEFAULT (git-fixes).\n- tracing: Simplify and fix saved_tgids logic (git-fixes).\n- tty: nozomi: Fix a resource leak in an error handling function (git-fixes).\n- tty: nozomi: Fix the error handling path of \u0027nozomi_card_init()\u0027 (git-fixes).\n- Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509).\n- Update patches.suse/Revert-ibmvnic-simplify-reset_long_term_buff-functio.patch (bsc#1186206 ltc#191041 bsc#1188405 ltc#193509).\n- usb: dwc2: Do not reset the core after setting turnaround time (git-fixes).\n- usb: dwc3: Fix debugfs creation flow (git-fixes).\n- usb: gadget: eem: fix echo command packet response issue (git-fixes).\n- usb: gadget: f_fs: Fix setting of device and driver data cross-references (git-fixes).\n- usb: typec: Add the missed altmode_id_remove() in typec_register_altmode() (git-fixes).\n- usb: typec: fusb302: Always provide fwnode for the port (git-fixes).\n- usb: typec: fusb302: fix \u0027op-sink-microwatt\u0027 default that was in mW (git-fixes).\n- usb: typec: tcpm: Error handling for tcpm_register_partner_altmodes (git-fixes).\n- usb: typec: tcpm: Move mod_delayed_work(port-\u003evdm_state_machine) call into tcpm_queue_vdm() (git-fixes).\n- usb: typec: tcpm: move to SNK_UNATTACHED if sink removed for DRP (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request (git-fixes).\n- usb: typec: tcpm: Refactor tcpm_handle_vdm_request payload handling (git-fixes).\n- usb: typec: tcpm: Remove tcpc_config configuration mechanism (git-fixes).\n- usb: typec: tcpm: set correct data role for non-DRD (git-fixes).\n- usb: typec: tcpm: Switch to use fwnode_property_count_uXX() (git-fixes).\n- usb: typec: ucsi: Hold con-\u003elock for the entire duration of ucsi_register_port() (git-fixes).\n- usb: typec: ucsi: Put fwnode in any case during -\u003eprobe() (git-fixes).\n- usb: typec: wcove: Fx wrong kernel doc format (git-fixes).\n- UsrMerge the kernel (boo#1184804)\n- vfio: Handle concurrent vma faults (git-fixes).\n- vfs: Convert functionfs to use the new mount API (git -fixes).\n- video: fbdev: imxfb: Fix an error message (git-fixes).\n- visorbus: fix error return code in visorchipset_init() (git-fixes).\n- vmxnet3: fix cksum offload issues for tunnels with non-default udp ports (git-fixes).\n- watchdog: aspeed: fix hardware timeout calculation (git-fixes).\n- watchdog: sp805: Fix kernel doc description (git-fixes).\n- wcn36xx: Move hal_buf allocation to devm_kmalloc in probe (git-fixes).\n- wireless: carl9170: fix LEDS build errors and warnings (git-fixes).\n- x86/kvm: Disable all PV features on crash (bsc#1185308).\n- x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).\n- x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).\n- x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).\n- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (bsc#1185308).\n- xhci: solve a double free problem while doing s4 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2599,SUSE-SLE-Module-RT-15-SP2-2021-2599",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2599-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:2599-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20212599-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:2599-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009244.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1085224",
"url": "https://bugzilla.suse.com/1085224"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1152472",
"url": "https://bugzilla.suse.com/1152472"
},
{
"category": "self",
"summary": "SUSE Bug 1152489",
"url": "https://bugzilla.suse.com/1152489"
},
{
"category": "self",
"summary": "SUSE Bug 1155518",
"url": "https://bugzilla.suse.com/1155518"
},
{
"category": "self",
"summary": "SUSE Bug 1170511",
"url": "https://bugzilla.suse.com/1170511"
},
{
"category": "self",
"summary": "SUSE Bug 1179243",
"url": "https://bugzilla.suse.com/1179243"
},
{
"category": "self",
"summary": "SUSE Bug 1180092",
"url": "https://bugzilla.suse.com/1180092"
},
{
"category": "self",
"summary": "SUSE Bug 1183871",
"url": "https://bugzilla.suse.com/1183871"
},
{
"category": "self",
"summary": "SUSE Bug 1184114",
"url": "https://bugzilla.suse.com/1184114"
},
{
"category": "self",
"summary": "SUSE Bug 1184804",
"url": "https://bugzilla.suse.com/1184804"
},
{
"category": "self",
"summary": "SUSE Bug 1185308",
"url": "https://bugzilla.suse.com/1185308"
},
{
"category": "self",
"summary": "SUSE Bug 1185791",
"url": "https://bugzilla.suse.com/1185791"
},
{
"category": "self",
"summary": "SUSE Bug 1186206",
"url": "https://bugzilla.suse.com/1186206"
},
{
"category": "self",
"summary": "SUSE Bug 1187215",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "self",
"summary": "SUSE Bug 1187585",
"url": "https://bugzilla.suse.com/1187585"
},
{
"category": "self",
"summary": "SUSE Bug 1188036",
"url": "https://bugzilla.suse.com/1188036"
},
{
"category": "self",
"summary": "SUSE Bug 1188080",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "self",
"summary": "SUSE Bug 1188116",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "self",
"summary": "SUSE Bug 1188121",
"url": "https://bugzilla.suse.com/1188121"
},
{
"category": "self",
"summary": "SUSE Bug 1188176",
"url": "https://bugzilla.suse.com/1188176"
},
{
"category": "self",
"summary": "SUSE Bug 1188267",
"url": "https://bugzilla.suse.com/1188267"
},
{
"category": "self",
"summary": "SUSE Bug 1188268",
"url": "https://bugzilla.suse.com/1188268"
},
{
"category": "self",
"summary": "SUSE Bug 1188269",
"url": "https://bugzilla.suse.com/1188269"
},
{
"category": "self",
"summary": "SUSE Bug 1188405",
"url": "https://bugzilla.suse.com/1188405"
},
{
"category": "self",
"summary": "SUSE Bug 1188525",
"url": "https://bugzilla.suse.com/1188525"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-22555 page",
"url": "https://www.suse.com/security/cve/CVE-2021-22555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-35039 page",
"url": "https://www.suse.com/security/cve/CVE-2021-35039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3609 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3609/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3612 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3612/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-08-03T12:46:44Z",
"generator": {
"date": "2021-08-03T12:46:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:2599-1",
"initial_release_date": "2021-08-03T12:46:44Z",
"revision_history": [
{
"date": "2021-08-03T12:46:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch",
"product_id": "kernel-devel-rt-5.3.18-45.3.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product": {
"name": "kernel-source-rt-5.3.18-45.3.noarch",
"product_id": "kernel-source-rt-5.3.18-45.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "cluster-md-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "dlm-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "gfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-extra-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-extra-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product": {
"name": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64",
"product_id": "kernel-rt_debug-livepatch-devel-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64",
"product_id": "kernel-syms-rt-5.3.18-45.2.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "kselftests-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "ocfs2-kmp-rt_debug-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt-5.3.18-45.3.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product": {
"name": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64",
"product_id": "reiserfs-kmp-rt_debug-5.3.18-45.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP2",
"product": {
"name": "SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "dlm-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "gfs2-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-5.3.18-45.3.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch"
},
"product_reference": "kernel-devel-rt-5.3.18-45.3.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt-devel-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt_debug-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64"
},
"product_reference": "kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-5.3.18-45.3.noarch as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch"
},
"product_reference": "kernel-source-rt-5.3.18-45.3.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-5.3.18-45.2.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64"
},
"product_reference": "kernel-syms-rt-5.3.18-45.2.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-5.3.18-45.3.x86_64 as component of SUSE Real Time Module 15 SP2",
"product_id": "SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
},
"product_reference": "ocfs2-kmp-rt-5.3.18-45.3.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-22555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-22555"
}
],
"notes": [
{
"category": "general",
"text": "A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-22555",
"url": "https://www.suse.com/security/cve/CVE-2021-22555"
},
{
"category": "external",
"summary": "SUSE Bug 1188116 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188116"
},
{
"category": "external",
"summary": "SUSE Bug 1188117 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188117"
},
{
"category": "external",
"summary": "SUSE Bug 1188411 for CVE-2021-22555",
"url": "https://bugzilla.suse.com/1188411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-22555"
},
{
"cve": "CVE-2021-35039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-35039"
}
],
"notes": [
{
"category": "general",
"text": "kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-35039",
"url": "https://www.suse.com/security/cve/CVE-2021-35039"
},
{
"category": "external",
"summary": "SUSE Bug 1188080 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188080"
},
{
"category": "external",
"summary": "SUSE Bug 1188126 for CVE-2021-35039",
"url": "https://bugzilla.suse.com/1188126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-35039"
},
{
"cve": "CVE-2021-3609",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3609"
}
],
"notes": [
{
"category": "general",
"text": ".A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3609",
"url": "https://www.suse.com/security/cve/CVE-2021-3609"
},
{
"category": "external",
"summary": "SUSE Bug 1187215 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1187215"
},
{
"category": "external",
"summary": "SUSE Bug 1188323 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188323"
},
{
"category": "external",
"summary": "SUSE Bug 1188720 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1188720"
},
{
"category": "external",
"summary": "SUSE Bug 1190276 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1190276"
},
{
"category": "external",
"summary": "SUSE Bug 1196810 for CVE-2021-3609",
"url": "https://bugzilla.suse.com/1196810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "important"
}
],
"title": "CVE-2021-3609"
},
{
"cve": "CVE-2021-3612",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3612"
}
],
"notes": [
{
"category": "general",
"text": "An out-of-bounds memory write flaw was found in the Linux kernel\u0027s joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3612",
"url": "https://www.suse.com/security/cve/CVE-2021-3612"
},
{
"category": "external",
"summary": "SUSE Bug 1187585 for CVE-2021-3612",
"url": "https://bugzilla.suse.com/1187585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Real Time Module 15 SP2:cluster-md-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:dlm-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:gfs2-kmp-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-devel-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-rt-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-rt_debug-devel-5.3.18-45.3.x86_64",
"SUSE Real Time Module 15 SP2:kernel-source-rt-5.3.18-45.3.noarch",
"SUSE Real Time Module 15 SP2:kernel-syms-rt-5.3.18-45.2.x86_64",
"SUSE Real Time Module 15 SP2:ocfs2-kmp-rt-5.3.18-45.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-08-03T12:46:44Z",
"details": "moderate"
}
],
"title": "CVE-2021-3612"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…