{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.106.1","kernel-source-rt":"5.14.21-150400.15.106.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.106.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.106.1","kernel-source-rt":"5.14.21-150400.15.106.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.106.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.106.1","kernel-source-rt":"5.14.21-150400.15.106.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.106.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.14.21-150400.15.106.1","kernel-source-rt":"5.14.21-150400.15.106.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.14.21-150400.15.106.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThe SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).\n- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).\n- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).\n- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).\n- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).\n- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).\n- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).\n- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).\n- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).\n- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).\n- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).\n- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).\n- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).\n- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).\n- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).\n- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).\n- CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1230697).\n\nThe following non-security bugs were fixed:\n\n- KVM: x86: fix sending PV IPI (git-fixes).\n- idpf: add support for SW triggered interrupts (bsc#1235507).\n- idpf: enable WB_ON_ITR (bsc#1235507).\n- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).\n- kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge.\n- kernel/fork: beware of __put_task_struct() calling context (bsc#1189998 (PREEMPT_RT prerequisite backports)).\n- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).\n- rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression\n- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).\n- smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642].\n- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes).\n- usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes).\n- x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes).\n- x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes).\n- x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).\n- x86/fpu: Remove unused supervisor only offsets (git-fixes).\n- x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).\n- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).\n- x86/mce: Allow instrumentation during task work queueing (git-fixes).\n- x86/mce: Mark mce_end() noinstr (git-fixes).\n- x86/mce: Mark mce_panic() noinstr (git-fixes).\n- x86/mce: Mark mce_read_aux() noinstr (git-fixes).\n- x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes).\n- x86/sgx: Free backing memory after faulting the enclave page (git-fixes).\n- x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes).\n- x86/uaccess: Move variable into switch case statement (git-fixes).\n- x86: Annotate call_on_stack() (git-fixes).\n","id":"SUSE-SU-2025:0231-1","modified":"2025-01-24T10:10:55Z","published":"2025-01-24T10:10:55Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20250231-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1170891"},{"type":"REPORT","url":"https://bugzilla.suse.com/1173139"},{"type":"REPORT","url":"https://bugzilla.suse.com/1185010"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189998"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190358"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190428"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191949"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193983"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196869"},{"type":"REPORT","url":"https://bugzilla.suse.com/1200313"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201308"},{"type":"REPORT","url":"https://bugzilla.suse.com/1201489"},{"type":"REPORT","url":"https://bugzilla.suse.com/1209657"},{"type":"REPORT","url":"https://bugzilla.suse.com/1209798"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211592"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215304"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216702"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217169"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218447"},{"type":"REPORT","url":"https://bugzilla.suse.com/1221044"},{"type":"REPORT","url":"https://bugzilla.suse.com/1222721"},{"type":"REPORT","url":"https://bugzilla.suse.com/1222878"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223481"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223501"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223512"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223520"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223894"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223921"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223922"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223923"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223924"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223929"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223931"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223932"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223934"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223941"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223948"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223952"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223953"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223957"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223962"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223963"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223964"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223996"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224099"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224482"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224511"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224592"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224685"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224730"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224816"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224895"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224898"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224900"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224901"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230697"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232436"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233070"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233642"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234281"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234282"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234846"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234891"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234921"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234960"},{"type":"REPORT","url":"https://bugzilla.suse.com/1234963"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235004"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235035"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235054"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235056"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235061"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235073"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235220"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235224"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235246"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235507"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-36788"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-4148"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-42327"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47202"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47365"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47489"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47491"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47492"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48632"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48634"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48636"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48652"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48671"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48672"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48673"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48675"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48686"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48687"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48688"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48692"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48693"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48694"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48695"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48697"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48699"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48700"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48701"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48702"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48703"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48704"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-49035"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-0160"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-2860"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-47233"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52591"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52654"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52655"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52676"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6531"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-26764"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35811"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35815"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35895"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35914"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50154"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53095"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53142"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53146"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53156"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53173"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53179"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53206"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53214"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53239"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53240"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-53241"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56539"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56548"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56570"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56598"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56604"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56605"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56619"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-8805"}],"related":["CVE-2020-36788","CVE-2021-4148","CVE-2021-42327","CVE-2021-47202","CVE-2021-47365","CVE-2021-47489","CVE-2021-47491","CVE-2021-47492","CVE-2022-48632","CVE-2022-48634","CVE-2022-48636","CVE-2022-48652","CVE-2022-48671","CVE-2022-48672","CVE-2022-48673","CVE-2022-48675","CVE-2022-48686","CVE-2022-48687","CVE-2022-48688","CVE-2022-48692","CVE-2022-48693","CVE-2022-48694","CVE-2022-48695","CVE-2022-48697","CVE-2022-48699","CVE-2022-48700","CVE-2022-48701","CVE-2022-48702","CVE-2022-48703","CVE-2022-48704","CVE-2022-49035","CVE-2023-0160","CVE-2023-2860","CVE-2023-47233","CVE-2023-52591","CVE-2023-52654","CVE-2023-52655","CVE-2023-52676","CVE-2023-6531","CVE-2024-26764","CVE-2024-35811","CVE-2024-35815","CVE-2024-35895","CVE-2024-35914","CVE-2024-50154","CVE-2024-53095","CVE-2024-53142","CVE-2024-53146","CVE-2024-53156","CVE-2024-53173","CVE-2024-53179","CVE-2024-53206","CVE-2024-53214","CVE-2024-53239","CVE-2024-53240","CVE-2024-53241","CVE-2024-56539","CVE-2024-56548","CVE-2024-56570","CVE-2024-56598","CVE-2024-56604","CVE-2024-56605","CVE-2024-56619","CVE-2024-8805"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2020-36788","CVE-2021-4148","CVE-2021-42327","CVE-2021-47202","CVE-2021-47365","CVE-2021-47489","CVE-2021-47491","CVE-2021-47492","CVE-2022-48632","CVE-2022-48634","CVE-2022-48636","CVE-2022-48652","CVE-2022-48671","CVE-2022-48672","CVE-2022-48673","CVE-2022-48675","CVE-2022-48686","CVE-2022-48687","CVE-2022-48688","CVE-2022-48692","CVE-2022-48693","CVE-2022-48694","CVE-2022-48695","CVE-2022-48697","CVE-2022-48699","CVE-2022-48700","CVE-2022-48701","CVE-2022-48702","CVE-2022-48703","CVE-2022-48704","CVE-2022-49035","CVE-2023-0160","CVE-2023-2860","CVE-2023-47233","CVE-2023-52591","CVE-2023-52654","CVE-2023-52655","CVE-2023-52676","CVE-2023-6531","CVE-2024-26764","CVE-2024-35811","CVE-2024-35815","CVE-2024-35895","CVE-2024-35914","CVE-2024-50154","CVE-2024-53095","CVE-2024-53142","CVE-2024-53146","CVE-2024-53156","CVE-2024-53173","CVE-2024-53179","CVE-2024-53206","CVE-2024-53214","CVE-2024-53239","CVE-2024-53240","CVE-2024-53241","CVE-2024-56539","CVE-2024-56548","CVE-2024-56570","CVE-2024-56598","CVE-2024-56604","CVE-2024-56605","CVE-2024-56619","CVE-2024-8805"]}