OVAL

SUSE-SU-2024:1454-1 -- SLES kernel, reiserfs-kmp-default

ID: oval:org.secpod.oval:def:89051823
Date: (C)2024-06-18   (M)2024-06-24
Class: PATCH
Family: unix




The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2020-36780: Fixed a reference leak when pm_runtime_get_sync fails in i2c.
* CVE-2020-36782: Fixed a reference leak when pm_runtime_get_sync fails in i2c imx-lpi2c.
* CVE-2020-36783: Fixed a reference leak when pm_runtime_get_sync fails in i2c img-scb.
* CVE-2021-23134: Fixed a use-after-free issue in nfc sockets.
* CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge.
* CVE-2021-46921: Fixed ordering in queued_write_lock_slowpath.
* CVE-2021-46930: Fixed a list_head check warning caused by uninitialization of list_head in usb mtu3.
* CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq.
* CVE-2021-46939: Fixed a denial of service in trace_clock_global in tracing.
* CVE-2021-46943: Fixed an oops in set_fmt error handling in media: staging/intel-ipu3.
* CVE-2021-46944: Fixed a memory leak in imu_fmt in media staging/intel-ipu3.
* CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1.
* CVE-2021-46951: Fixed an integer underflow of efi_tpm_final_log_size in tpm_read_log_efi in tpm efi.
* CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs.
* CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs.
* CVE-2021-46961: Fixed an error on not enabling irqs when handling spurious interrupts in irqchip/gic-v3.
* CVE-2021-46962: Fixed a resource leak in the remove function in mmc uniphier-sd.
* CVE-2021-46963: Fixed a denial of service in qla2xxx_mqueuecommand in scsi qla2xxx.
* CVE-2021-46971: Fixed unconditional security_locked_down call in perf/core.
* CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd.
* CVE-2021-46984: Fixed an out of bounds access in kyber_bio_merge in kyber.
* CVE-2021-46988: Fixed release page in error path to avoid BUG_ON in userfaultfd.
* CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s.
* CVE-2021-46991: Fixed a use-after-free in i40e_client_subtask.
* CVE-2021-46992: Fixed a bug to avoid overflows in nft_hash_buckets.
* CVE-2021-46998: Fixed a use after free bug in enic_hard_start_xmit in ethernet/enic.
* CVE-2021-47000: Fixed an inode leak on getattr error in __fh_to_dentry in ceph.
* CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint.
* CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send.
* CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt in bnxt_en.
* CVE-2021-47020: Fixed a memory leak in stream config error path in soundwire stream.
* CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s.
* CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb in scsi lpfc.
* CVE-2021-47049: Fixed an after free in __vmbus_open in hv vmbus.
* CVE-2021-47051: Fixed a PM reference leak in lpspi_prepare_xfer_hardware in spi fsl-lpspi.
* CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd.
* CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto.
* CVE-2021-47058: Fixed a possible use-after-free in set debugfs_name in regmap.
* CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU.
* CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel.
* CVE-2021-47065: Fixed an array overrun in rtw_get_tx_power_params in rtw88.
* CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect.
* CVE-2021-47069: Fixed a crash due to relying on a stack reference past its expiry in ipc/mqueue, ipc/msg, ipc/sem.
* CVE-2021-47070: Fixed a memory leak in error handling paths on memory allocated by vmbus_alloc_ring in uio_hv_generic.
* CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup in uio_hv_generic.
* CVE-2021-47073: Fixed an oops on rmmod dell_smbios exit_dell_smbios_wmi in platform/x86 dell-smbios-wmi.
* CVE-2021-47077: Fixed a NULL pointer dereference when in shost_data.
* CVE-2021-47082: Fixed a double free in tun_free_netdev in tun.
* CVE-2021-47109: Fixed an overflow in neighbour table in neighbour.
* CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm.
* CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm.
* CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2.
* CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4.
* CVE-2021-47118: Fixed a use-after-free in init task's struct pid in pid.
* CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4.
* CVE-2021-47120: Fixed a NULL pointer dereference on disconnect in HID magicmouse.
* CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4.
* CVE-2021-47139: Fixed a race condition that led to an oops in netdevice registration in net hns3.
* CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve.
* CVE-2021-47142: Fixed a use-after-free on ttm->sg in drm/amdgpu.
* CVE-2021-47144: Fixed a refcount leak in amdgpufb_create in drm/amd/amdgpu.
* CVE-2021-47153: Fixed an out-of-range memory access during bus reset in the case of a block transaction in i2c/i801.
* CVE-2021-47161: Fixed a resource leak in the error handling path of the probe function in spi spi-fsl-dspi.
* CVE-2021-47165: Fixed a NULL pointer dereference when component was not probed during shutdown in drm/mesonhe.
* CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce in nfs.
* CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request in nfs.
* CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout in nfs.
* CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2.
* CVE-2021-47170: Fixed a WARN about excessively large memory allocations in usb usbfs.
* CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb.
* CVE-2021-47172: Fixed a potential overflow due to non sequential channel numbers in adc/ad7124.
* CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720.
* CVE-2021-47177: Fixed a sysfs leak in alloc_iommu in iommu/vt-d.
* CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return in nfsv4.
* CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci.
* CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource.
* CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc.
* CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer.
* CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs.
* CVE-2022-0487: Fixed a use-after-free vulnerability in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c.
* CVE-2022-4744: Fixed a double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality.
* CVE-2022-48626: Fixed a potential use-after-free on remove path in moxart.
* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system.
* CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread.
* CVE-2023-28746: Fixed Register File Data Sampling.
* CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work.
* CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length in nvmet-tcp.
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table in drivers/amd/pm.
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init.
* CVE-2023-52474: Fixed a data corruption in user SDMA requests in IB/hfi1.
* CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall.
* CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors.
* CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command.
* CVE-2023-52500: Fixed leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command in scsi in pm80xx.
* CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work.
* CVE-2023-52572: Fixed UAF in cifs_demultiplex_thread in cifs.
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off.
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget inside ceph.
* CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming.
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming.
* CVE-2023-52607: Fixed null-pointer dereference in pgtable_cache_add kasprintf in powerpc/mm.
* CVE-2023-52628: Fixed 4-byte stack OOB write in nftables.
* CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts.
* CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec.
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races.
* CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request.
* CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete.
* CVE-2023-7042: Fixed a null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev in drivers/net/wireless/ath/ath10k/wmi-tlv.c in net.
* CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c.
* CVE-2024-22099: Fixed a null pointer dereference in /net/bluetooth/rfcomm/core.C in bluetooth.
* CVE-2024-26600: Fixed null pointer dereference for SRP in phy-omap-usb2.
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks.
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables.
* CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4.
* CVE-2024-26733: Fixed an overflow in arp_req_get in arp.

The following non-security bugs were fixed:

* doc/README.SUSE: Update information about module support status
* usb: hub: Guard against accesses to uninitialized BOS descriptors.
* fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super.
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc.

## Special Instructions and Notes:

* Please reboot the system after installing this update.

Platform:
SUSE Linux Enterprise Server 15 SP2
Product:
kernel
reiserfs-kmp-default
Reference:
SUSE-SU-2024:1454-1
CVE-2020-36780
CVE-2020-36782
CVE-2020-36783
CVE-2021-23134
CVE-2021-46909
CVE-2021-46921
CVE-2021-46930
CVE-2021-46938
CVE-2021-46939
CVE-2021-46943
CVE-2021-46944
CVE-2021-46950
CVE-2021-46951
CVE-2021-46958
CVE-2021-46960
CVE-2021-46961
CVE-2021-46962
CVE-2021-46963
CVE-2021-46971
CVE-2021-46981
CVE-2021-46984
CVE-2021-46988
CVE-2021-46990
CVE-2021-46991
CVE-2021-46992
CVE-2021-46998
CVE-2021-47000
CVE-2021-47006
CVE-2021-47013
CVE-2021-47015
CVE-2021-47020
CVE-2021-47034
CVE-2021-47045
CVE-2021-47049
CVE-2021-47051
CVE-2021-47055
CVE-2021-47056
CVE-2021-47058
CVE-2021-47061
CVE-2021-47063
CVE-2021-47065
CVE-2021-47068
CVE-2021-47069
CVE-2021-47070
CVE-2021-47071
CVE-2021-47073
CVE-2021-47077
CVE-2021-47082
CVE-2021-47109
CVE-2021-47110
CVE-2021-47112
CVE-2021-47114
CVE-2021-47117
CVE-2021-47118
CVE-2021-47119
CVE-2021-47120
CVE-2021-47138
CVE-2021-47139
CVE-2021-47141
CVE-2021-47142
CVE-2021-47144
CVE-2021-47153
CVE-2021-47161
CVE-2021-47165
CVE-2021-47166
CVE-2021-47167
CVE-2021-47168
CVE-2021-47169
CVE-2021-47170
CVE-2021-47171
CVE-2021-47172
CVE-2021-47173
CVE-2021-47177
CVE-2021-47179
CVE-2021-47180
CVE-2021-47181
CVE-2021-47183
CVE-2021-47185
CVE-2021-47189
CVE-2022-0487
CVE-2022-4744
CVE-2022-48626
CVE-2023-0160
CVE-2023-1192
CVE-2023-28746
CVE-2023-35827
CVE-2023-52454
CVE-2023-52469
CVE-2023-52470
CVE-2023-52474
CVE-2023-52476
CVE-2023-52477
CVE-2023-52500
CVE-2023-52509
CVE-2023-52572
CVE-2023-52575
CVE-2023-52583
CVE-2023-52590
CVE-2023-52591
CVE-2023-52607
CVE-2023-52628
CVE-2023-6270
CVE-2023-6356
CVE-2023-6531
CVE-2023-6535
CVE-2023-6536
CVE-2023-7042
CVE-2023-7192
CVE-2024-22099
CVE-2024-26600
CVE-2024-26614
CVE-2024-26642
CVE-2024-26704
CVE-2024-26733
CVE    114
CVE-2021-23134
CVE-2022-0487
CVE-2022-4744
CVE-2023-0160
...
CPE    3
cpe:/o:linux:linux_kernel
cpe:/a:kmp:reiserfs_kmp_default
cpe:/o:suse:suse_linux_enterprise_server:15:sp2

© SecPod Technologies