Lucene search

K
osvGoogleOSV:SUSE-SU-2024:3190-1
HistorySep 10, 2024 - 8:46 a.m.

Security update for the Linux Kernel

2024-09-1008:46:37
Google
osv.dev
6
suse linux kernel
security update
cve fixes
bugfixes
azure kernel
memory leak
double free
null pointer dereference
access control
integer overflow
memory barrier

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

20.6%

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
  • CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773).
  • CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524).
  • CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
  • CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
  • CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
  • CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
  • CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759).
  • CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
  • CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756).
  • CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
  • CVE-2024-44939: fix null ptr deref in dtInsertEntry (bsc#1229820).
  • CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
  • CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
  • CVE-2024-43902: Add null checker before passing variables (bsc#1229767).
  • CVE-2024-43904: Add null checks for ‘stream’ and ‘plane’ before dereferencing (bsc#1229768)
  • CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
  • CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
  • CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
  • CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658).
  • CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527).
  • CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
  • CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
  • CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
  • CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  • CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
  • CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605)
  • CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733).
  • CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722).
  • CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569).
  • CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
  • CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
  • CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488)
  • CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
  • CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
  • CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962)
  • CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428).
  • CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
  • CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
  • CVE-2024-27079: Fix NULL domain on device release (bsc#1223742).
  • CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
  • CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
  • CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
  • CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes).
  • CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
  • CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
  • CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
  • CVE-2024-27016: Validate pppoe header (bsc#1223807).
  • CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639).
  • CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
  • CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578).
  • CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
  • CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
  • CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391).
  • CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314)
  • CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
  • CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074)
  • CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes).
  • CVE-2024-26677: Blacklist e7870cf13d20 (‘rxrpc: Fix delayed ACKs to not set the reference serial number’) (bsc#1222387)
  • CVE-2024-36009: Blacklist 467324bcfe1a (‘ax25: Fix netdev refcount issue’) (bsc#1224542)
  • CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582).
  • CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388)
  • CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
  • CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383)
  • CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357)
  • CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345)
  • CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347)
  • CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
  • CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351).
  • CVE-2024-26669: Fix chain template offload (bsc#1222350).
  • CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,).
  • CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508).
  • CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
  • CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
  • CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
  • CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350).
  • CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319).
  • CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309).
  • CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307).
  • CVE-2024-43841: Do not use strlen() in const context (bsc#1229304).
  • CVE-2024-43839: Adjust ‘name’ buf size of bna_tcb and bna_ccb structures (bsc#1229301).
  • CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469).
  • CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386).
  • CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
  • CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
  • CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
  • CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
  • CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372).
  • CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
  • CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
  • CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
  • CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988).
  • CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065).
  • CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269).
  • CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579).
  • CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958).
  • CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
  • CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929).
  • CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494).
  • CVE-2024-42139: Fix improper extts handling (bsc#1228503).
  • CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
  • CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491).
  • CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706).
  • CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
  • CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
  • CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580).
  • CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).
  • CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
  • CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613).
  • CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742).
  • CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
  • CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
  • CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777).

The following non-security bugs were fixed:

  • ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
  • ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
  • ACPI: bus: Rework system-level device notification handling (git-fixes).
  • ACPI: thermal: Drop nocrt parameter (git-fixes).
  • ACPI: x86: s2idle: Post-increment variables when getting constraints (git-fixes).
  • afs: Do not cross .backup mountpoint from backup volume (git-fixes).
  • ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
  • ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
  • ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
  • ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
  • ALSA: line6: Fix racy access to midibuf (stable-fixes).
  • ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
  • ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
  • ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
  • ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
  • ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes).
  • arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
  • arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
  • arm64: Add Neoverse-V2 part (git-fixes)
  • arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
  • arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
  • arm64: barrier: Restore spec_bar() macro (git-fixes)
  • arm64: cpufeature: Add missing .field_width for GIC system registers (git-fixes)
  • arm64: cpufeature: Fix the visibility of compat hwcaps (git-fixes)
  • arm64: cpufeature: Force HWCAP to be based on the sysreg visible to (git-fixes)
  • arm64: cputype: Add Cortex-A720 definitions (git-fixes)
  • arm64: cputype: Add Cortex-A725 definitions (git-fixes)
  • arm64: cputype: Add Cortex-X1C definitions (git-fixes)
  • arm64: cputype: Add Cortex-X3 definitions (git-fixes)
  • arm64: cputype: Add Cortex-X4 definitions (git-fixes)
  • arm64: cputype: Add Cortex-X925 definitions (git-fixes)
  • arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
  • arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
  • arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
  • arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (git-fixes)
  • arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
  • arm64: errata: Expand speculative SSBS workaround (git-fixes)
  • arm64: errata: Unify speculative SSBS errata logic (git-fixes) Also update default configuration.
  • arm64: Fix KASAN random tag seed initialization (git-fixes)
  • arm64: Fix KASAN random tag seed initialization (git-fixes)
  • ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
  • ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
  • ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
  • async: Introduce async_schedule_dev_nocall() (bsc#1221269).
  • async: Split async_schedule_node_domain() (bsc#1221269).
  • Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes).
  • Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
  • Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes).
  • Bluetooth: L2CAP: Fix deadlock (git-fixes).
  • bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
  • bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes).
  • btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
  • btrfs: make btrfs_destroy_delayed_refs() return void (git-fixes).
  • btrfs: remove unnecessary prototype declarations at disk-io.c (git-fixes).
  • btrfs: sysfs: update fs features directory asynchronously (bsc#1226168).
  • cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418).
  • ceph: issue a cap release immediately if no cap exists (bsc#1225162).
  • ceph: periodically flush the cap releases (bsc#1225162).
  • cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
  • cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (git-fixes).
  • docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
  • drm: add missing MODULE_DESCRIPTION() macros (stable-fixes).
  • drm: panel-orientation-quirks: Add labels for both Valve Steam Deck revisions (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01 (stable-fixes).
  • drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes).
  • drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes).
  • drm/amd/display: Add NULL check for ‘afb’ before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes).
  • drm/amd/display: avoid using null object of framebuffer (git-fixes).
  • drm/amd/display: Fix && vs || typos (git-fixes).
  • drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
  • drm/amd/display: Validate hw_points_num before using it (stable-fixes).
  • drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
  • drm/amdgpu: Actually check flags for all context ops (stable-fixes).
  • drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
  • drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
  • drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
  • drm/amdgpu: Validate TA binary size (stable-fixes).
  • drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
  • drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
  • drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
  • drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes).
  • drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
  • drm/bridge: tc358768: Attempt to fix DSI horizontal timings (stable-fixes).
  • drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes).
  • drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
  • drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
  • drm/msm/dp: reset the link phy params before link training (git-fixes).
  • drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes).
  • drm/msm/dpu: do not play tricks with debug macros (git-fixes).
  • drm/tegra: Zero-initialize iosys_map (stable-fixes).
  • exfat: fix inode->i_blocks for non-512 byte sector size device (git-fixes).
  • exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).
  • exfat: redefine DIR_DELETED as the bad cluster number (git-fixes).
  • exfat: support dynamic allocate bh for exfat_entry_set_cache (git-fixes).
  • fs/netfs/fscache_cookie: add missing ‘n_accesses’ check (bsc#1229453).
  • fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
  • genirq: Add might_sleep() to disable_irq() (git-fixes).
  • genirq: Always limit the affinity to online CPUs (git-fixes).
  • genirq: Do not return error on missing optional irq_request_resources() (git-fixes).
  • genirq: Take the proposed affinity at face value if force==true (git-fixes).
  • genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
  • genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
  • genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes).
  • genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes).
  • genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
  • genirq/msi: Shutdown managed interrupts with unsatifiable affinities (git-fixes).
  • gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
  • hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
  • i2c: smbus: Improve handling of stuck alerts (git-fixes).
  • i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
  • iommu/amd: Convert comma to semicolon (git-fixes).
  • ip6_tunnel: Fix broken GRO (bsc#1229444).
  • ipv6: sr: fix incorrect unregister order (git-fixes).
  • irqdomain: Drop bogus fwspec-mapping error handling (git-fixes).
  • irqdomain: Fix association race (git-fixes).
  • irqdomain: Fix disassociation race (git-fixes).
  • irqdomain: Fix domain registration race (git-fixes).
  • irqdomain: Fix mapping-creation race (git-fixes).
  • irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
  • irqdomain: Look for existing mapping only once (git-fixes).
  • irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes).
  • irqdomain: Report irq number for NOMAP domains (git-fixes).
  • kprobes: Fix to check symbol prefixes correctly (git-fixes).
  • lockd: move from strlcpy with unused retval to strscpy (git-fixes).
  • memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
  • mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  • mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
  • mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
  • mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
  • net: ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes).
  • net: ks8851: Fix deadlock with the SPI chip variant (git-fixes).
  • net: ks8851: Fix potential TX stall after interface reopen (git-fixes).
  • net: ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes).
  • net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
  • net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
  • net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
  • net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
  • net: remove two BUG() from skb_checksum_help() (bsc#1229312).
  • net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
  • net/rds: fix possible cp null dereference (git-fixes).
  • net/sched: initialize noop_qdisc owner (git-fixes).
  • nfc: pn533: Add poll mod list filling check (git-fixes).
  • nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
  • nfs: make the rpc_stat per net namespace (git-fixes).
  • NFSD: add posix ACLs to struct nfsd_attrs (git-fixes).
  • NFSD: add security label to struct nfsd_attrs (git-fixes).
  • NFSD: fix regression with setting ACLs (git-fixes).
  • NFSD: Fix strncpy() fortify warning (git-fixes).
  • NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes).
  • NFSD: introduce struct nfsd_attrs (git-fixes).
  • NFSD: move from strlcpy with unused retval to strscpy (git-fixes).
  • NFSD: Optimize DRC bucket pruning (git-fixes).
  • nfsd: return error if nfs4_setacl fails (git-fixes).
  • NFSD: set attributes when creating symlinks (git-fixes).
  • nfsd: use locks_inode_context helper (git-fixes).
  • nilfs2: Remove check for PageError (git-fixes).
  • nvme_core: scan namespaces asynchronously (bsc#1224105).
  • ocfs2: use coarse time for new created files (git-fixes).
  • padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
  • perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
  • platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
  • platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
  • platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
  • platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
  • platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
  • platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
  • platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
  • platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
  • platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
  • platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
  • platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
  • platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
  • platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779).
  • power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes).
  • power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes).
  • powerpc: Fail build if using recordmcount with binutils v2.37 (bsc#1194869).
  • powerpc: Mark .opd section read-only (bsc#1194869).
  • powerpc: use generic version of arch_is_kernel_initmem_freed() (bsc#1194869).
  • powerpc: xor_vmx: Add ‘-mhard-float’ to CFLAGS (bsc#1194869).
  • powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
  • powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
  • powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
  • powerpc/kexec: make the update_cpus_node() function public (bsc#1194869).
  • powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
  • powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
  • powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
  • powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
  • powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
  • powerpc/xmon: Check cpu id in commands ‘c#’, ‘dp#’ and ‘dx#’ (bsc#1194869).
  • RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
  • RDMA/rxe: Fix incomplete state save in rxe_requester (git-fixes)
  • RDMA/rxe: Fix rxe_modify_srq (git-fixes)
  • RDMA/rxe: Move work queue code to subroutines (git-fixes)
  • s390/cpacf: get rid of register asm (git-fixes bsc#1227079 bsc#1229187).
  • s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227079).
  • s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1229187).
  • s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190).
  • s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573).
  • s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229572).
  • s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229188).
  • spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
  • RDMA/rxe: Handle zero length rdma (git-fixes)
  • sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes).
  • SUNRPC: Fix a race to wake a sync task (git-fixes).
  • swiotlb: fix swiotlb_bounce() to do partial sync’s correctly (git-fixes).
  • syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes).
  • tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
  • ubifs: add check for crypto_shash_tfm_digest (git-fixes).
  • ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
  • ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
  • ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
  • vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
  • wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
  • wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
  • x86/APM: drop the duplicate APM_MINOR_DEV macro (git-fixes).
  • x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
  • x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes).
  • x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
  • x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
  • xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
  • xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
  • xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
  • xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
  • xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).

References

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0.001

Percentile

20.6%