Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:3321-1 Final 1 1 2024-09-18T21:03:47Z current 2024-09-18T21:03:47Z 2024-09-18T21:03:47Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) This update for the Linux Kernel 6.4.0-150600_8 fixes one issue. The following security issue was fixed: - CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-3321,SUSE-SLE-Module-Live-Patching-15-SP6-2024-3321 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20243321-1/ Link for SUSE-SU-2024:3321-1 https://lists.suse.com/pipermail/sle-security-updates/2024-September/019458.html E-Mail link for SUSE-SU-2024:3321-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1225313 SUSE Bug 1225313 https://www.suse.com/security/cve/CVE-2024-35817/ SUSE CVE CVE-2024-35817 page SUSE Linux Enterprise Live Patching 15 SP6 kernel-livepatch-6_4_0-150600_8-rt-3-150600.3.2 kernel-livepatch-6_4_0-150600_8-rt-3-150600.3.2 as a component of SUSE Linux Enterprise Live Patching 15 SP6 In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgpu_ttm_backend_unbind will not clear the gart page table entry and leave valid mapping entry pointing to the stale system page. Then if GPU access the gart address mistakely, it will read undefined value instead page fault, harder to debug and reproduce the real issue. CVE-2024-35817 SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-3-150600.3.2 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243321-1/ https://www.suse.com/security/cve/CVE-2024-35817.html CVE-2024-35817 https://bugzilla.suse.com/1224736 SUSE Bug 1224736 https://bugzilla.suse.com/1225313 SUSE Bug 1225313