{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for the Linux Kernel","title":"Title of the patch"},{"category":"description","text":"\n\nThe openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2020-3702: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic (bnc#1191193).\n- CVE-2021-3669: Fixed a denial of service to replace costly bailout check in sysvipc_find_ipc() (bsc#1159886 bsc#1188986).\n- CVE-2021-3752: Fixed a use-after-free  uaf bug in bluetooth (bsc#1190023).\n- CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel (bnc#1190159)\n- CVE-2021-3744, CVE-2021-3764: Fixed some resource leaks in the ccp driver ccp_run_aes_gcm_cmd() (bsc#1189884 bsc#1190534).\n\nThe following non-security bugs were fixed:\n\n- ALSA: firewire-motu: fix truncated bytes in message tracepoints (git-fixes).\n- apparmor: remove duplicate macro list_entry_is_head() (git-fixes).\n- ASoC: fsl_micfil: register platform component before registering cpu dai (git-fixes).\n- ASoC: mediatek: common: handle NULL case in suspend/resume function (git-fixes).\n- ASoC: rockchip: i2s: Fix regmap_ops hang (git-fixes).\n- ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (git-fixes).\n- ASoC: SOF: Fix DSP oops stack dump output contents (git-fixes).\n- ath9k: fix OOB read ar9300_eeprom_restore_internal (git-fixes).\n- ath9k: fix sleeping in atomic context (git-fixes).\n- blk-mq: do not deactivate hctx if managed irq isn't used (bsc#1185762).\n- blk-mq: kABI fixes for blk_mq_queue_map (bsc#1185762).\n- blk-mq: mark if one queue map uses managed irq (bsc#1185762).\n- Bluetooth: skip invalid hci_sync_conn_complete_evt (git-fixes).\n- bnx2x: fix an error code in bnx2x_nic_load() (git-fixes).\n- bnxt: count Tx drops (git-fixes).\n- bnxt: disable napi before canceling DIM (git-fixes).\n- bnxt: do not lock the tx queue from napi poll (git-fixes).\n- bnxt_en: Add missing DMA memory barriers (git-fixes).\n- bnxt_en: Disable aRFS if running on 212 firmware (git-fixes).\n- bnxt_en: Do not enable legacy TX push on older firmware (git-fixes).\n- bnxt_en: Store the running firmware version code (git-fixes).\n- bnxt: make sure xmit_more + errors does not miss doorbells (git-fixes).\n- btrfs: prevent rename2 from exchanging a subvol with a directory from different parents (bsc#1190626).\n- clk: at91: clk-generated: Limit the requested rate to our range (git-fixes).\n- clk: at91: clk-generated: pass the id of changeable parent at registration (git-fixes).\n- console: consume APC, DM, DCS (git-fixes).\n- cuse: fix broken release (bsc#1190596).\n- cxgb4: dont touch blocked freelist bitmap after free (git-fixes).\n- debugfs: Return error during {full/open}_proxy_open() on rmmod (bsc#1173746).\n- devlink: Break parameter notification sequence to be before/after unload/load driver (bsc#1154353).\n- dmaengine: ioat: depends on !UML (git-fixes).\n- dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- dmaengine: xilinx_dma: Set DMA mask for coherent APIs (git-fixes).\n- docs: Fix infiniband uverbs minor number (git-fixes).\n- drivers: gpu: amd: Initialize amdgpu_dm_backlight_caps object to 0 in amdgpu_dm_update_backlight_caps (git-fixes).\n- drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (git-fixes).\n- drm/amd/display: Fix timer_per_pixel unit error (git-fixes).\n- drm/amdgpu: Fix BUG_ON assert (git-fixes).\n- drm: avoid blocking in drm_clients_info's rcu section (git-fixes).\n- drm/gma500: Fix end of loop tests for list_for_each_entry (git-fixes).\n- drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (git-fixes).\n- drm/panfrost: Clamp lock region to Bifrost minimum (git-fixes).\n- e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100).\n- e1000e: Fix the max snoop/no-snoop latency for 10M (git-fixes).\n- EDAC/i10nm: Fix NVDIMM detection (bsc#1152489).\n- EDAC/synopsys: Fix wrong value type assignment for edac_mode (bsc#1152489).\n- erofs: fix up erofs_lookup tracepoint (git-fixes).\n- fbmem: do not allow too huge resolutions (git-fixes).\n- fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() (git-fixes).\n- fpga: machxo2-spi: Return an error on failure (git-fixes).\n- fuse: flush extending writes (bsc#1190595).\n- fuse: truncate pagecache on atomic_o_trunc (bsc#1190705).\n- genirq: add device_has_managed_msi_irq (bsc#1185762).\n- gpio: uniphier: Fix void functions to remove return value (git-fixes).\n- gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (git-fixes).\n- gve: fix the wrong AdminQ buffer overflow check (bsc#1176940).\n- hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185726).\n- hv_netvsc: Make netvsc/VF binding check both MAC and serial number (jsc#SLE-18779, bsc#1185726).\n- hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (git-fixes).\n- hwmon: (tmp421) fix rounding for negative values (git-fixes).\n- hwmon: (tmp421) report /PVLD condition as fault (git-fixes).\n- i40e: Add additional info to PHY type error (git-fixes).\n- i40e: Fix firmware LLDP agent related warning (git-fixes).\n- i40e: Fix logic of disabling queues (git-fixes).\n- i40e: Fix log TC creation failure when max num of queues is exceeded (git-fixes).\n- i40e: Fix queue-to-TC mapping on Tx (git-fixes).\n- iavf: Fix ping is lost after untrusted VF had tried to change MAC (jsc#SLE-7940).\n- iavf: Set RSS LUT and key in reset handle path (git-fixes).\n- ibmvnic: check failover_pending in login response (bsc#1190523 ltc#194510).\n- ibmvnic: Consolidate code in replenish_rx_pool() (bsc#1190758 ltc#191943).\n- ibmvnic: Fix up some comments and messages (bsc#1190758 ltc#191943).\n- ibmvnic: init_tx_pools move loop-invariant code (bsc#1190758 ltc#191943).\n- ibmvnic: Reuse LTB when possible (bsc#1190758 ltc#191943).\n- ibmvnic: Reuse rx pools when possible (bsc#1190758 ltc#191943).\n- ibmvnic: Reuse tx pools when possible (bsc#1190758 ltc#191943).\n- ibmvnic: Use bitmap for LTB map_ids (bsc#1190758 ltc#191943).\n- ibmvnic: Use/rename local vars in init_rx_pools (bsc#1190758 ltc#191943).\n- ibmvnic: Use/rename local vars in init_tx_pools (bsc#1190758 ltc#191943).\n- ice: Prevent probing virtual functions (git-fixes).\n- iio: dac: ad5624r: Fix incorrect handling of an optional regulator (git-fixes).\n- include/linux/list.h: add a macro to test if entry is pointing to the head (git-fixes).\n- iomap: Fix negative assignment to unsigned sis->pages in iomap_swapfile_activate (bsc#1190784).\n- ionic: cleanly release devlink instance (bsc#1167773).\n- ionic: count csum_none when offload enabled (bsc#1167773).\n- ipc: remove memcg accounting for sops objects in do_semtimedop() (bsc#1190115).\n- ipc/util.c: use binary search for max_idx (bsc#1159886).\n- ipvs: allow connection reuse for unconfirmed conntrack (bsc#1190467).\n- ipvs: avoid expiring many connections from timer (bsc#1190467).\n- ipvs: Fix up kabi for expire_nodest_conn_work addition (bsc#1190467).\n- ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (bsc#1190467).\n- iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (git-fixes).\n- kernel-binary.spec: Check for no kernel signing certificates. Also remove unused variable.\n- kernel-binary.spec: Do not fail silently when KMP is empty (bsc#1190358). Copy the code from kernel-module-subpackage that deals with empty KMPs.\n- kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167 bsc#1191240 ltc#194716).\n- kernel-binary.spec.in Stop templating the scriptlets for subpackages (bsc#1190358).\n- libata: fix ata_host_start() (git-fixes).\n- mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (git-fixes).\n- mac80211: fix use-after-free in CCMP/GCMP RX (git-fixes).\n- mac80211-hwsim: fix late beacon hrtimer handling (git-fixes).\n- mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (git-fixes).\n- mac80211: mesh: fix potentially unaligned access (git-fixes).\n- media: cedrus: Fix SUNXI tile size calculation (git-fixes).\n- media: coda: fix frame_mem_ctrl for YUV420 and YVU420 formats (git-fixes).\n- media: dib8000: rewrite the init prbs logic (git-fixes).\n- media: imx258: Limit the max analogue gain to 480 (git-fixes).\n- media: imx258: Rectify mismatch of VTS value (git-fixes).\n- media: rc-loopback: return number of emitters rather than error (git-fixes).\n- media: TDA1997x: fix tda1997x_query_dv_timings() return value (git-fixes).\n- media: uvc: do not do DMA on stack (git-fixes).\n- media: v4l2-dv-timings.c: fix wrong condition in two for-loops (git-fixes).\n- mfd: Do not use irq_create_mapping() to resolve a mapping (git-fixes).\n- mlx4: Fix missing error code in mlx4_load_one() (git-fixes).\n- mm: always have io_remap_pfn_range() set pgprot_decrypted() (git-fixes).\n- mmc: core: Return correct emmc response in case of ioctl error (git-fixes).\n- mmc: rtsx_pci: Fix long reads when clock is prescaled (git-fixes).\n- mmc: sdhci-of-arasan: Check return value of non-void funtions (git-fixes).\n- mm/swap: consider max pages in iomap_swapfile_add_extent (bsc#1190785).\n- netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state (bsc#1190062).\n- net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185726).\n- net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185726).\n- net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185726).\n- net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185726).\n- net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185726).\n- net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185726).\n- net: mana: Prefer struct_size over open coded arithmetic (jsc#SLE-18779, bsc#1185726).\n- net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185726).\n- net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185726).\n- net: mana: Use struct_size() in kzalloc() (jsc#SLE-18779, bsc#1185726).\n- net/mlx5e: Avoid creating tunnel headers for local route (git-fixes).\n- net/mlx5e: Fix nullptr in mlx5e_hairpin_get_mdev() (git-fixes).\n- net/mlx5e: Prohibit inner indir TIRs in IPoIB (git-fixes).\n- net/mlx5: E-Switch, handle devcom events only for ports on the same device (git-fixes).\n- net/mlx5: Fix flow table chaining (git-fixes).\n- net/mlx5: Fix return value from tracer initialization (git-fixes).\n- net/mlx5: Unload device upon firmware fatal error (git-fixes).\n- net: qlcnic: add missed unlock in qlcnic_83xx_flash_read32 (git-fixes).\n- net: sched: sch_teql: fix null-pointer dereference (bsc#1190717).\n- nfp: update ethtool reporting of pauseframe control (git-fixes).\n- NFS: change nfs_access_get_cached to only report the mask (bsc#1190746).\n- NFS: do not store 'struct cred *' in struct nfs_access_entry (bsc#1190746).\n- NFS: pass cred explicitly for access tests (bsc#1190746).\n- nvme: avoid race in shutdown namespace removal (bsc#1188067).\n- nvme: fix refcounting imbalance when all paths are down (bsc#1188067).\n- parport: remove non-zero check on count (git-fixes).\n- PCI: aardvark: Fix checking for PIO status (git-fixes).\n- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (git-fixes).\n- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (git-fixes).\n- PCI: Add ACS quirks for Cavium multi-function devices (git-fixes).\n- PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (git-fixes).\n- PCI: Add AMD GPU multi-function power dependencies (git-fixes).\n- PCI: ibmphp: Fix double unmap of io_mem (git-fixes).\n- PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (git-fixes).\n- PCI: pci-bridge-emul: Fix array overruns, improve safety (git-fixes).\n- PCI: pci-bridge-emul: Fix big-endian support (git-fixes).\n- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (git-fixes).\n- PCI: Use pci_update_current_state() in pci_enable_device_flags() (git-fixes).\n- PM: base: power: do not try to use non-existing RTC for storing data (git-fixes).\n- PM: EM: Increase energy calculation precision (git-fixes).\n- powercap: intel_rapl: add support for Sapphire Rapids (jsc#SLE-15289).\n- powerpc/drmem: Make LMB walk a bit more flexible (bsc#1190543 ltc#194523).\n- powerpc: fix function annotations to avoid section mismatch warnings with gcc-10 (bsc#1148868).\n- powerpc/perf: Drop the case of returning 0 as instruction pointer (bsc#1065729).\n- powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not set (bsc#1065729).\n- powerpc/perf: Fix the check for SIAR value (bsc#1065729).\n- powerpc/perf/hv-gpci: Fix counter value parsing (bsc#1065729).\n- powerpc/perf: Use regs->nip when SIAR is zero (bsc#1065729).\n- powerpc/perf: Use stack siar instead of mfspr (bsc#1065729).\n- powerpc/perf: Use the address from SIAR register to set cpumode flags (bsc#1065729).\n- powerpc/powernv: Fix machine check reporting of async store errors (bsc#1065729).\n- powerpc/pseries/dlpar: use rtas_get_sensor() (bsc#1065729).\n- powerpc/pseries: Prevent free CPU ids being reused on another node (bsc#1190620 ltc#194498).\n- power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors (git-fixes).\n- power: supply: max17042_battery: fix typo in MAx17042_TOFF (git-fixes).\n- pseries/drmem: update LMBs after LPM (bsc#1190543 ltc#194523).\n- pwm: img: Do not modify HW state in .remove() callback (git-fixes).\n- pwm: rockchip: Do not modify HW state in .remove() callback (git-fixes).\n- pwm: stm32-lp: Do not modify HW state in .remove() callback (git-fixes).\n- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (git-fixes).\n- RDMA/bnxt_re: Remove unpaired rtnl unlock in bnxt_re_dev_init() (bsc#1170774).\n- Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (git-fixes).\n- regmap: fix page selection for noinc reads (git-fixes).\n- regmap: fix page selection for noinc writes (git-fixes).\n- regmap: fix the offset of register error log (git-fixes).\n- Restore kabi after NFS: pass cred explicitly for access tests (bsc#1190746).\n- rpm: Abolish scritplet templating (bsc#1189841).\n- rtc: rx8010: select REGMAP_I2C (git-fixes).\n- rtc: tps65910: Correct driver module alias (git-fixes).\n- s390/unwind: use current_frame_address() to unwind current task (bsc#1185677).\n- sched/fair: Add ancestors of unthrottled undecayed cfs_rq (bsc#1191292).\n- scsi: core: Add helper to return number of logical blocks in a request (bsc#1190576).\n- scsi: core: Introduce the scsi_cmd_to_rq() function (bsc#1190576).\n- scsi: fc: Add EDC ELS definition (bsc#1190576).\n- scsi: fc: Update formal FPIN descriptor definitions (bsc#1190576).\n- scsi: lpfc: Add bsg support for retrieving adapter cmf data (bsc#1190576).\n- scsi: lpfc: Add cmf_info sysfs entry (bsc#1190576).\n- scsi: lpfc: Add cmfsync WQE support (bsc#1190576).\n- scsi: lpfc: Add cm statistics buffer support (bsc#1190576).\n- scsi: lpfc: Add debugfs support for cm framework buffers (bsc#1190576).\n- scsi: lpfc: Add EDC ELS support (bsc#1190576).\n- scsi: lpfc: Add MIB feature enablement support (bsc#1190576).\n- scsi: lpfc: Add rx monitoring statistics (bsc#1190576).\n- scsi: lpfc: Add SET_HOST_DATA mbox cmd to pass date/time info to firmware (bsc#1190576).\n- scsi: lpfc: Add support for cm enablement buffer (bsc#1190576).\n- scsi: lpfc: Add support for maintaining the cm statistics buffer (bsc#1190576).\n- scsi: lpfc: Add support for the CM framework (bsc#1190576).\n- scsi: lpfc: Adjust bytes received vales during cmf timer interval (bsc#1190576).\n- scsi: lpfc: Copyright updates for 14.0.0.1 patches (bsc#1190576).\n- scsi: lpfc: Do not release final kref on Fport node while ABTS outstanding (bsc#1190576).\n- scsi: lpfc: Do not remove ndlp on PRLI errors in P2P mode (bsc#1190576).\n- scsi: lpfc: Expand FPIN and RDF receive logging (bsc#1190576).\n- scsi: lpfc: Fix compilation errors on kernels with no CONFIG_DEBUG_FS (bsc#1190576).\n- scsi: lpfc: Fix CPU to/from endian warnings introduced by ELS processing (bsc#1190576).\n- scsi: lpfc: Fix EEH support for NVMe I/O (bsc#1190576).\n- scsi: lpfc: Fix FCP I/O flush functionality for TMF routines (bsc#1190576).\n- scsi: lpfc: Fix gcc -Wstringop-overread warning, again (bsc#1190576).\n- scsi: lpfc: Fix hang on unload due to stuck fport node (bsc#1190576).\n- scsi: lpfc: Fix I/O block after enabling managed congestion mode (bsc#1190576).\n- scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() (bsc#1190576).\n- scsi: lpfc: Fix NVMe I/O failover to non-optimized path (bsc#1190576).\n- scsi: lpfc: Fix premature rpi release for unsolicited TPLS and LS_RJT (bsc#1190576).\n- scsi: lpfc: Fix rediscovery of tape device after LIP (bsc#1190576).\n- scsi: lpfc: Fix sprintf() overflow in lpfc_display_fpin_wwpn() (bsc#1190576).\n- scsi: lpfc: Improve PBDE checks during SGL processing (bsc#1190576).\n- scsi: lpfc: Remove unneeded variable (bsc#1190576).\n- scsi: lpfc: Update lpfc version to 14.0.0.1 (bsc#1190576).\n- scsi: lpfc: Update lpfc version to 14.0.0.2 (bsc#1190576).\n- scsi: lpfc: Use correct scnprintf() limit (bsc#1190576).\n- scsi: lpfc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (bsc#1190576).\n- scsi: lpfc: Use the proper SCSI midlayer interfaces for PI (bsc#1190576).\n- scsi: lpfc: Zero CGN stats only during initial driver load and stat reset (bsc#1190576).\n- scsi: scsi_devinfo: Add blacklist entry for HPE OPEN-V (bsc#1189297).\n- serial: 8250: Define RX trigger levels for OxSemi 950 devices (git-fixes).\n- serial: 8250_pci: make setup_port() parameters explicitly unsigned (git-fixes).\n- serial: mvebu-uart: fix driver's tx_empty callback (git-fixes).\n- serial: sh-sci: fix break handling for sysrq (git-fixes).\n- spi: Fix tegra20 build with CONFIG_PM=n (git-fixes).\n- staging: board: Fix uninitialized spinlock when attaching genpd (git-fixes).\n- staging: ks7010: Fix the initialization of the 'sleep_status' structure (git-fixes).\n- staging: rts5208: Fix get_ms_information() heap buffer size (git-fixes).\n- thermal/core: Potential buffer overflow in thermal_build_list_of_policies() (git-fixes).\n- time: Handle negative seconds correctly in timespec64_to_ns() (git-fixes).\n- tty: Fix data race between tiocsti() and flush_to_ldisc() (git-fixes).\n- tty: serial: jsm: hold port lock when reporting modem line changes (git-fixes).\n- tty: synclink_gt, drop unneeded forward declarations (git-fixes).\n- usb: core: hcd: Add support for deferring roothub registration (git-fixes).\n- usb: dwc2: Add missing cleanups when usb_add_gadget_udc() fails (git-fixes).\n- usb: dwc2: Avoid leaving the error_debugfs label unused (git-fixes).\n- usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (git-fixes).\n- usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA (git-fixes).\n- USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (git-fixes).\n- usb: gadget: r8a66597: fix a loop in set_feature() (git-fixes).\n- usb: gadget: u_ether: fix a potential null pointer dereference (git-fixes).\n- usb: host: fotg210: fix the actual_length of an iso packet (git-fixes).\n- usb: host: fotg210: fix the endpoint's transactional opportunities calculation (git-fixes).\n- usbip: give back URBs for unsent unlink requests during cleanup (git-fixes).\n- usbip:vhci_hcd USB port can get stuck in the disabled state (git-fixes).\n- usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes).\n- usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (git-fixes).\n- USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter (git-fixes).\n- USB: serial: option: add device id for Foxconn T99W265 (git-fixes).\n- USB: serial: option: add Telit LN920 compositions (git-fixes).\n- USB: serial: option: remove duplicate USB device ID (git-fixes).\n- usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c (git-fixes).\n- video: fbdev: asiliantfb: Error out if 'pixclock' equals zero (git-fixes).\n- video: fbdev: kyro: Error out if 'pixclock' equals zero (git-fixes).\n- video: fbdev: kyro: fix a DoS bug by restricting user input (git-fixes).\n- video: fbdev: riva: Error out if 'pixclock' equals zero (git-fixes).\n- vmxnet3: add support for 32 Tx/Rx queues (bsc#1190406).\n- vmxnet3: add support for ESP IPv6 RSS (bsc#1190406).\n- vmxnet3: increase maximum configurable mtu to 9190 (bsc#1190406).\n- vmxnet3: prepare for version 6 changes (bsc#1190406).\n- vmxnet3: remove power of 2 limitation on the queues (bsc#1190406).\n- vmxnet3: set correct hash type based on rss information (bsc#1190406).\n- vmxnet3: update to version 6 (bsc#1190406).\n- watchdog/sb_watchdog: fix compilation problem due to COMPILE_TEST (git-fixes).\n- x86/alternatives: Teach text_poke_bp() to emulate instructions (bsc#1185302).\n- x86/apic/msi: Plug non-maskable MSI affinity race (bsc#1184439).\n- x86/cpu: Fix core name for Sapphire Rapids (jsc#SLE-15289).\n- x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (bsc#1152489).\n- x86/resctrl: Fix a maybe-uninitialized build warning treated as error (bsc#1152489).\n- x86/resctrl: Fix default monitoring groups reporting (bsc#1152489).\n- xfs: allow mount/remount when stripe width alignment is zero (bsc#1188651).\n- xfs: sync lazy sb accounting on quiesce of read-only mounts (bsc#1190679).\n- xgene-v2: Fix a resource leak in the error handling path of 'xge_probe()' (git-fixes).\n- xhci: Set HCD flag to defer primary roothub registration (git-fixes).\n","title":"Description of the patch"},{"category":"details","text":"openSUSE-2021-1357","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1357-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2021:1357-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SS5B6JL55TTUNHHOGTFHK5JQ6EZOF7ZV/"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2021:1357-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SS5B6JL55TTUNHHOGTFHK5JQ6EZOF7ZV/"},{"category":"self","summary":"SUSE Bug 1065729","url":"https://bugzilla.suse.com/1065729"},{"category":"self","summary":"SUSE Bug 1148868","url":"https://bugzilla.suse.com/1148868"},{"category":"self","summary":"SUSE Bug 1152489","url":"https://bugzilla.suse.com/1152489"},{"category":"self","summary":"SUSE Bug 1154353","url":"https://bugzilla.suse.com/1154353"},{"category":"self","summary":"SUSE Bug 1159886","url":"https://bugzilla.suse.com/1159886"},{"category":"self","summary":"SUSE Bug 1167773","url":"https://bugzilla.suse.com/1167773"},{"category":"self","summary":"SUSE Bug 1170774","url":"https://bugzilla.suse.com/1170774"},{"category":"self","summary":"SUSE Bug 1173746","url":"https://bugzilla.suse.com/1173746"},{"category":"self","summary":"SUSE Bug 1176940","url":"https://bugzilla.suse.com/1176940"},{"category":"self","summary":"SUSE Bug 1184439","url":"https://bugzilla.suse.com/1184439"},{"category":"self","summary":"SUSE Bug 1184804","url":"https://bugzilla.suse.com/1184804"},{"category":"self","summary":"SUSE Bug 1185302","url":"https://bugzilla.suse.com/1185302"},{"category":"self","summary":"SUSE Bug 1185677","url":"https://bugzilla.suse.com/1185677"},{"category":"self","summary":"SUSE Bug 1185726","url":"https://bugzilla.suse.com/1185726"},{"category":"self","summary":"SUSE Bug 1185762","url":"https://bugzilla.suse.com/1185762"},{"category":"self","summary":"SUSE Bug 1187167","url":"https://bugzilla.suse.com/1187167"},{"category":"self","summary":"SUSE Bug 1188067","url":"https://bugzilla.suse.com/1188067"},{"category":"self","summary":"SUSE Bug 1188651","url":"https://bugzilla.suse.com/1188651"},{"category":"self","summary":"SUSE Bug 1188986","url":"https://bugzilla.suse.com/1188986"},{"category":"self","summary":"SUSE Bug 1189297","url":"https://bugzilla.suse.com/1189297"},{"category":"self","summary":"SUSE Bug 1189841","url":"https://bugzilla.suse.com/1189841"},{"category":"self","summary":"SUSE Bug 1189884","url":"https://bugzilla.suse.com/1189884"},{"category":"self","summary":"SUSE Bug 1190023","url":"https://bugzilla.suse.com/1190023"},{"category":"self","summary":"SUSE Bug 1190062","url":"https://bugzilla.suse.com/1190062"},{"category":"self","summary":"SUSE Bug 1190115","url":"https://bugzilla.suse.com/1190115"},{"category":"self","summary":"SUSE Bug 1190159","url":"https://bugzilla.suse.com/1190159"},{"category":"self","summary":"SUSE Bug 1190358","url":"https://bugzilla.suse.com/1190358"},{"category":"self","summary":"SUSE Bug 1190406","url":"https://bugzilla.suse.com/1190406"},{"category":"self","summary":"SUSE Bug 1190467","url":"https://bugzilla.suse.com/1190467"},{"category":"self","summary":"SUSE Bug 1190523","url":"https://bugzilla.suse.com/1190523"},{"category":"self","summary":"SUSE Bug 1190534","url":"https://bugzilla.suse.com/1190534"},{"category":"self","summary":"SUSE Bug 1190543","url":"https://bugzilla.suse.com/1190543"},{"category":"self","summary":"SUSE Bug 1190576","url":"https://bugzilla.suse.com/1190576"},{"category":"self","summary":"SUSE Bug 1190595","url":"https://bugzilla.suse.com/1190595"},{"category":"self","summary":"SUSE Bug 1190596","url":"https://bugzilla.suse.com/1190596"},{"category":"self","summary":"SUSE Bug 1190598","url":"https://bugzilla.suse.com/1190598"},{"category":"self","summary":"SUSE Bug 1190620","url":"https://bugzilla.suse.com/1190620"},{"category":"self","summary":"SUSE Bug 1190626","url":"https://bugzilla.suse.com/1190626"},{"category":"self","summary":"SUSE Bug 1190679","url":"https://bugzilla.suse.com/1190679"},{"category":"self","summary":"SUSE Bug 1190705","url":"https://bugzilla.suse.com/1190705"},{"category":"self","summary":"SUSE Bug 1190717","url":"https://bugzilla.suse.com/1190717"},{"category":"self","summary":"SUSE Bug 1190746","url":"https://bugzilla.suse.com/1190746"},{"category":"self","summary":"SUSE Bug 1190758","url":"https://bugzilla.suse.com/1190758"},{"category":"self","summary":"SUSE Bug 1190784","url":"https://bugzilla.suse.com/1190784"},{"category":"self","summary":"SUSE Bug 1190785","url":"https://bugzilla.suse.com/1190785"},{"category":"self","summary":"SUSE Bug 1191172","url":"https://bugzilla.suse.com/1191172"},{"category":"self","summary":"SUSE Bug 1191193","url":"https://bugzilla.suse.com/1191193"},{"category":"self","summary":"SUSE Bug 1191240","url":"https://bugzilla.suse.com/1191240"},{"category":"self","summary":"SUSE Bug 1191292","url":"https://bugzilla.suse.com/1191292"},{"category":"self","summary":"SUSE CVE CVE-2020-3702 page","url":"https://www.suse.com/security/cve/CVE-2020-3702/"},{"category":"self","summary":"SUSE CVE CVE-2021-3669 page","url":"https://www.suse.com/security/cve/CVE-2021-3669/"},{"category":"self","summary":"SUSE CVE CVE-2021-3744 page","url":"https://www.suse.com/security/cve/CVE-2021-3744/"},{"category":"self","summary":"SUSE CVE CVE-2021-3752 page","url":"https://www.suse.com/security/cve/CVE-2021-3752/"},{"category":"self","summary":"SUSE CVE CVE-2021-3764 page","url":"https://www.suse.com/security/cve/CVE-2021-3764/"},{"category":"self","summary":"SUSE CVE CVE-2021-40490 page","url":"https://www.suse.com/security/cve/CVE-2021-40490/"}],"title":"Security update for the Linux Kernel","tracking":{"current_release_date":"2021-10-15T12:13:03Z","generator":{"date":"2021-10-15T12:13:03Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2021:1357-1","initial_release_date":"2021-10-15T12:13:03Z","revision_history":[{"date":"2021-10-15T12:13:03Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"kernel-devel-5.3.18-lp152.95.1.noarch","product":{"name":"kernel-devel-5.3.18-lp152.95.1.noarch","product_id":"kernel-devel-5.3.18-lp152.95.1.noarch"}},{"category":"product_version","name":"kernel-docs-5.3.18-lp152.95.1.noarch","product":{"name":"kernel-docs-5.3.18-lp152.95.1.noarch","product_id":"kernel-docs-5.3.18-lp152.95.1.noarch"}},{"category":"product_version","name":"kernel-docs-html-5.3.18-lp152.95.1.noarch","product":{"name":"kernel-docs-html-5.3.18-lp152.95.1.noarch","product_id":"kernel-docs-html-5.3.18-lp152.95.1.noarch"}},{"category":"product_version","name":"kernel-macros-5.3.18-lp152.95.1.noarch","product":{"name":"kernel-macros-5.3.18-lp152.95.1.noarch","product_id":"kernel-macros-5.3.18-lp152.95.1.noarch"}},{"category":"product_version","name":"kernel-source-5.3.18-lp152.95.1.noarch","product":{"name":"kernel-source-5.3.18-lp152.95.1.noarch","product_id":"kernel-source-5.3.18-lp152.95.1.noarch"}},{"category":"product_version","name":"kernel-source-vanilla-5.3.18-lp152.95.1.noarch","product":{"name":"kernel-source-vanilla-5.3.18-lp152.95.1.noarch","product_id":"kernel-source-vanilla-5.3.18-lp152.95.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"kernel-debug-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-debug-5.3.18-lp152.95.1.x86_64","product_id":"kernel-debug-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-debug-devel-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-debug-devel-5.3.18-lp152.95.1.x86_64","product_id":"kernel-debug-devel-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-default-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-default-5.3.18-lp152.95.1.x86_64","product_id":"kernel-default-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","product":{"name":"kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","product_id":"kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64"}},{"category":"product_version","name":"kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","product":{"name":"kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","product_id":"kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64"}},{"category":"product_version","name":"kernel-default-devel-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-default-devel-5.3.18-lp152.95.1.x86_64","product_id":"kernel-default-devel-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","product_id":"kernel-kvmsmall-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","product_id":"kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-obs-build-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-obs-build-5.3.18-lp152.95.1.x86_64","product_id":"kernel-obs-build-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-obs-qa-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-obs-qa-5.3.18-lp152.95.1.x86_64","product_id":"kernel-obs-qa-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-preempt-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-preempt-5.3.18-lp152.95.1.x86_64","product_id":"kernel-preempt-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","product_id":"kernel-preempt-devel-5.3.18-lp152.95.1.x86_64"}},{"category":"product_version","name":"kernel-syms-5.3.18-lp152.95.1.x86_64","product":{"name":"kernel-syms-5.3.18-lp152.95.1.x86_64","product_id":"kernel-syms-5.3.18-lp152.95.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Leap 15.2","product":{"name":"openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.2"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"kernel-debug-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-debug-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-debug-devel-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-debug-devel-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-default-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64"},"product_reference":"kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64"},"product_reference":"kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-default-devel-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-default-devel-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-devel-5.3.18-lp152.95.1.noarch as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch"},"product_reference":"kernel-devel-5.3.18-lp152.95.1.noarch","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-docs-5.3.18-lp152.95.1.noarch as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch"},"product_reference":"kernel-docs-5.3.18-lp152.95.1.noarch","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-docs-html-5.3.18-lp152.95.1.noarch as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch"},"product_reference":"kernel-docs-html-5.3.18-lp152.95.1.noarch","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-kvmsmall-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-macros-5.3.18-lp152.95.1.noarch as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch"},"product_reference":"kernel-macros-5.3.18-lp152.95.1.noarch","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-obs-build-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-obs-build-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-obs-qa-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-obs-qa-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-preempt-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-preempt-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-preempt-devel-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-5.3.18-lp152.95.1.noarch as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch"},"product_reference":"kernel-source-5.3.18-lp152.95.1.noarch","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-source-vanilla-5.3.18-lp152.95.1.noarch as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch"},"product_reference":"kernel-source-vanilla-5.3.18-lp152.95.1.noarch","relates_to_product_reference":"openSUSE Leap 15.2"},{"category":"default_component_of","full_product_name":{"name":"kernel-syms-5.3.18-lp152.95.1.x86_64 as component of openSUSE Leap 15.2","product_id":"openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"},"product_reference":"kernel-syms-5.3.18-lp152.95.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.2"}]},"vulnerabilities":[{"cve":"CVE-2020-3702","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-3702"}],"notes":[{"category":"general","text":"u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2020-3702","url":"https://www.suse.com/security/cve/CVE-2020-3702"},{"category":"external","summary":"SUSE Bug 1191193 for CVE-2020-3702","url":"https://bugzilla.suse.com/1191193"},{"category":"external","summary":"SUSE Bug 1191529 for CVE-2020-3702","url":"https://bugzilla.suse.com/1191529"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"products":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-15T12:13:03Z","details":"important"}],"title":"CVE-2020-3702"},{"cve":"CVE-2021-3669","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-3669"}],"notes":[{"category":"general","text":"A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-3669","url":"https://www.suse.com/security/cve/CVE-2021-3669"},{"category":"external","summary":"SUSE Bug 1188986 for CVE-2021-3669","url":"https://bugzilla.suse.com/1188986"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-15T12:13:03Z","details":"moderate"}],"title":"CVE-2021-3669"},{"cve":"CVE-2021-3744","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-3744"}],"notes":[{"category":"general","text":"A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-3744","url":"https://www.suse.com/security/cve/CVE-2021-3744"},{"category":"external","summary":"SUSE Bug 1189884 for CVE-2021-3744","url":"https://bugzilla.suse.com/1189884"},{"category":"external","summary":"SUSE Bug 1190534 for CVE-2021-3744","url":"https://bugzilla.suse.com/1190534"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-15T12:13:03Z","details":"moderate"}],"title":"CVE-2021-3744"},{"cve":"CVE-2021-3752","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-3752"}],"notes":[{"category":"general","text":"A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-3752","url":"https://www.suse.com/security/cve/CVE-2021-3752"},{"category":"external","summary":"SUSE Bug 1190023 for CVE-2021-3752","url":"https://bugzilla.suse.com/1190023"},{"category":"external","summary":"SUSE Bug 1190432 for CVE-2021-3752","url":"https://bugzilla.suse.com/1190432"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-15T12:13:03Z","details":"important"}],"title":"CVE-2021-3752"},{"cve":"CVE-2021-3764","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-3764"}],"notes":[{"category":"general","text":"A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-3764","url":"https://www.suse.com/security/cve/CVE-2021-3764"},{"category":"external","summary":"SUSE Bug 1190534 for CVE-2021-3764","url":"https://bugzilla.suse.com/1190534"},{"category":"external","summary":"SUSE Bug 1194518 for CVE-2021-3764","url":"https://bugzilla.suse.com/1194518"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-15T12:13:03Z","details":"moderate"}],"title":"CVE-2021-3764"},{"cve":"CVE-2021-40490","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-40490"}],"notes":[{"category":"general","text":"A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-40490","url":"https://www.suse.com/security/cve/CVE-2021-40490"},{"category":"external","summary":"SUSE Bug 1190159 for CVE-2021-40490","url":"https://bugzilla.suse.com/1190159"},{"category":"external","summary":"SUSE Bug 1192775 for CVE-2021-40490","url":"https://bugzilla.suse.com/1192775"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.1,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Leap 15.2:kernel-debug-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-debug-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-default-base-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-base-rebuild-5.3.18-lp152.95.1.lp152.8.44.1.x86_64","openSUSE Leap 15.2:kernel-default-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-devel-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-docs-html-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-kvmsmall-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-kvmsmall-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-macros-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-obs-build-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-obs-qa-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-preempt-devel-5.3.18-lp152.95.1.x86_64","openSUSE Leap 15.2:kernel-source-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-source-vanilla-5.3.18-lp152.95.1.noarch","openSUSE Leap 15.2:kernel-syms-5.3.18-lp152.95.1.x86_64"]}],"threats":[{"category":"impact","date":"2021-10-15T12:13:03Z","details":"moderate"}],"title":"CVE-2021-40490"}]}