Bug 1220599 (CVE-2021-46953)

Summary: VUL-0: CVE-2021-46953: kernel: ACPI: GTDT: mapping corruption on watchdog probe failure
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: carlos.lopez, stoyan.manolov, vasant.karasulli
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/395360/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-46953:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-02-29 07:32:03 UTC 
In the Linux kernel, the following vulnerability has been resolved:

ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure

When failing the driver probe because of invalid firmware properties,
the GTDT driver unmaps the interrupt that it mapped earlier.

However, it never checks whether the mapping of the interrupt actially
succeeded. Even more, should the firmware report an illegal interrupt
number that overlaps with the GIC SGI range, this can result in an
IPI being unmapped, and subsequent fireworks (as reported by Dann
Frazier).

Rework the driver to have a slightly saner behaviour and actually
check whether the interrupt has been mapped before unmapping things.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-46953
https://www.cve.org/CVERecord?id=CVE-2021-46953
https://git.kernel.org/stable/c/1ecd5b129252249b9bc03d7645a7bda512747277
https://git.kernel.org/stable/c/42e69521ee1fa5abf21f478d147d06bbfe6bf6a8
https://git.kernel.org/stable/c/504632a3577a049dd9bb7aabae5b4476f9c586b4
https://git.kernel.org/stable/c/596e079c362ac17ed02aa1b99fdc444d62072a01
https://git.kernel.org/stable/c/7b2162db1498c71962a4bb2f776fa4e76d4d305b
https://git.kernel.org/stable/c/c3385a9122f8db15b453e07bfc88117fce7f3724
https://git.kernel.org/stable/c/e0f2d86481eaa83df33b0793f75212919db7a19d
https://bugzilla.redhat.com/show_bug.cgi?id=2266471
Comment 3 Joey Lee 2024-03-04 08:16:13 UTC 
commit 1ecd5b129252249b9bc03d7645a7bda512747277                 [v5.13-rc1]
Author: Marc Zyngier <maz@kernel.org>
Date:   Wed Apr 21 17:43:16 2021 +0100

    ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure

    When failing the driver probe because of invalid firmware properties,
    the GTDT driver unmaps the interrupt that it mapped earlier.

    However, it never checks whether the mapping of the interrupt actially
    succeeded. Even more, should the firmware report an illegal interrupt
    number that overlaps with the GIC SGI range, this can result in an
    IPI being unmapped, and subsequent fireworks (as reported by Dann
    Frazier).

    Rework the driver to have a slightly saner behaviour and actually
    check whether the interrupt has been mapped before unmapping things.

    Reported-by: dann frazier <dann.frazier@canonical.com>
    Fixes: ca9ae5ec4ef0 ("acpi/arm64: Add SBSA Generic Watchdog support in GTDT driver")        [v4.12-rc1]
    Signed-off-by: Marc Zyngier <maz@kernel.org>
    Link: https://lore.kernel.org/r/YH87dtTfwYgavusz@xps13.dannf
Comment 4 Joey Lee 2024-03-04 08:16:40 UTC 
Update status:
- SLE15-SP6             [CONFIG_ACPI_GTDT=y][included fix]
- cve/linux-5.14        [CONFIG_ACPI_GTDT=y][included fix]
- cve/linux-5.3         [CONFIG_ACPI_GTDT=y][included fix, update References]
- cve/linux-4.12        [CONFIG_ACPI_GTDT=y][wait to be merged]
- cve/linux-4.4         [no CONFIG_ACPI_GTDT, not affected]
- cve/linux-3.0         [no CONFIG_ACPI_GTDT, not affected]
Comment 16 Maintenance Automation 2024-03-13 08:30:26 UTC 
SUSE-SU-2024:0857-1: An update that solves 67 vulnerabilities and has four security fixes can now be installed.

Category: security (important)
Bug References: 1200599, 1207653, 1212514, 1213456, 1216223, 1218195, 1218689, 1218915, 1219127, 1219128, 1219146, 1219295, 1219653, 1219827, 1219835, 1219915, 1220009, 1220140, 1220187, 1220238, 1220240, 1220241, 1220243, 1220250, 1220253, 1220255, 1220328, 1220330, 1220344, 1220398, 1220409, 1220416, 1220418, 1220421, 1220436, 1220444, 1220459, 1220469, 1220482, 1220526, 1220538, 1220570, 1220572, 1220599, 1220627, 1220641, 1220649, 1220660, 1220689, 1220700, 1220735, 1220736, 1220737, 1220742, 1220745, 1220767, 1220796, 1220825, 1220826, 1220831, 1220845, 1220860, 1220863, 1220870, 1220917, 1220918, 1220930, 1220931, 1220932, 1221039, 1221040
CVE References: CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46904, CVE-2021-46905, CVE-2021-46906, CVE-2021-46915, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46934, CVE-2021-46953, CVE-2021-46964, CVE-2021-46966, CVE-2021-46968, CVE-2021-46974, CVE-2021-46989, CVE-2021-47005, CVE-2021-47012, CVE-2021-47013, CVE-2021-47054, CVE-2021-47060, CVE-2021-47061, CVE-2021-47069, CVE-2021-47076, CVE-2021-47078, CVE-2021-47083, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-51042, CVE-2023-52340, CVE-2023-52429, CVE-2023-52439, CVE-2023-52443, CVE-2023-52445, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52463, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52569, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2023-6817, CVE-2024-0340, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26586, CVE-2024-26589, CVE-2024-26593, CVE-2024-26595, CVE-2024-26602, CVE-2024-26607, CVE-2024-26622
Sources used:
openSUSE Leap 15.3 (src): kernel-obs-qa-5.3.18-150300.59.153.1, kernel-livepatch-SLE15-SP3_Update_42-1-150300.7.3.2, kernel-syms-5.3.18-150300.59.153.1, kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2, kernel-source-5.3.18-150300.59.153.2, kernel-obs-build-5.3.18-150300.59.153.2
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_42-1-150300.7.3.2
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2, kernel-source-5.3.18-150300.59.153.2, kernel-syms-5.3.18-150300.59.153.1, kernel-obs-build-5.3.18-150300.59.153.2
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2, kernel-source-5.3.18-150300.59.153.2, kernel-syms-5.3.18-150300.59.153.1, kernel-obs-build-5.3.18-150300.59.153.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2, kernel-source-5.3.18-150300.59.153.2, kernel-syms-5.3.18-150300.59.153.1, kernel-obs-build-5.3.18-150300.59.153.2
SUSE Enterprise Storage 7.1 (src): kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2, kernel-source-5.3.18-150300.59.153.2, kernel-syms-5.3.18-150300.59.153.1, kernel-obs-build-5.3.18-150300.59.153.2
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Maintenance Automation 2024-03-13 08:30:42 UTC 
SUSE-SU-2024:0856-1: An update that solves 67 vulnerabilities and has seven security fixes can now be installed.

Category: security (important)
Bug References: 1155518, 1184436, 1185988, 1186286, 1200599, 1207653, 1212514, 1213456, 1216223, 1218195, 1218689, 1218915, 1219127, 1219128, 1219146, 1219295, 1219653, 1219827, 1219835, 1219915, 1220009, 1220140, 1220187, 1220238, 1220240, 1220241, 1220243, 1220250, 1220253, 1220255, 1220328, 1220330, 1220344, 1220398, 1220409, 1220416, 1220418, 1220421, 1220436, 1220444, 1220459, 1220469, 1220482, 1220526, 1220538, 1220570, 1220572, 1220599, 1220627, 1220641, 1220649, 1220660, 1220700, 1220735, 1220736, 1220737, 1220742, 1220745, 1220767, 1220796, 1220825, 1220826, 1220831, 1220845, 1220860, 1220863, 1220870, 1220917, 1220918, 1220930, 1220931, 1220932, 1221039, 1221040
CVE References: CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46904, CVE-2021-46905, CVE-2021-46906, CVE-2021-46915, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46934, CVE-2021-46953, CVE-2021-46964, CVE-2021-46966, CVE-2021-46968, CVE-2021-46974, CVE-2021-46989, CVE-2021-47005, CVE-2021-47012, CVE-2021-47013, CVE-2021-47054, CVE-2021-47060, CVE-2021-47061, CVE-2021-47069, CVE-2021-47076, CVE-2021-47078, CVE-2021-47083, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-51042, CVE-2023-52340, CVE-2023-52429, CVE-2023-52439, CVE-2023-52443, CVE-2023-52445, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52463, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52569, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2023-6817, CVE-2024-0340, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26586, CVE-2024-26589, CVE-2024-26593, CVE-2024-26595, CVE-2024-26602, CVE-2024-26607, CVE-2024-26622
Sources used:
SUSE Linux Enterprise Micro 5.1 (src): kernel-source-rt-5.3.18-150300.161.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-source-rt-5.3.18-150300.161.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-source-rt-5.3.18-150300.161.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Joey Lee 2024-03-18 05:15:55 UTC 
(In reply to Joey Lee from comment #4)
> Update status:
> - SLE15-SP6             [CONFIG_ACPI_GTDT=y][included fix]
> - cve/linux-5.14        [CONFIG_ACPI_GTDT=y][included fix]
> - cve/linux-5.3         [CONFIG_ACPI_GTDT=y][included fix, update References]
> - cve/linux-4.12        [CONFIG_ACPI_GTDT=y][wait to be merged]
> - cve/linux-4.4         [no CONFIG_ACPI_GTDT, not affected]
> - cve/linux-3.0         [no CONFIG_ACPI_GTDT, not affected]

Backported patch be merged to cve/linux-4.12. Reset assigner
Comment 25 Maintenance Automation 2024-03-22 12:30:11 UTC 
SUSE-SU-2024:0976-1: An update that solves 47 vulnerabilities and has nine security fixes can now be installed.

Category: security (important)
Bug References: 1050549, 1186484, 1200599, 1212514, 1213456, 1218450, 1218527, 1218915, 1219127, 1219146, 1219295, 1219653, 1219827, 1219835, 1220187, 1220238, 1220240, 1220241, 1220250, 1220330, 1220340, 1220344, 1220409, 1220421, 1220436, 1220444, 1220459, 1220468, 1220482, 1220526, 1220570, 1220575, 1220599, 1220607, 1220613, 1220638, 1220641, 1220649, 1220700, 1220735, 1220767, 1220796, 1220825, 1220831, 1220845, 1220860, 1220861, 1220863, 1220870, 1220930, 1220931, 1220932, 1220957, 1221039, 1221040, 1221287
CVE References: CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52443, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622
Maintenance Incident: [SUSE:Maintenance:32929](https://smelt.suse.de/incident/32929/)
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src):
 kernel-source-rt-4.12.14-10.171.1, kernel-syms-rt-4.12.14-10.171.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Maintenance Automation 2024-03-22 12:30:21 UTC 
SUSE-SU-2024:0975-1: An update that solves 52 vulnerabilities and has seven security fixes can now be installed.

Category: security (important)
Bug References: 1050549, 1186484, 1200599, 1212514, 1213456, 1217987, 1217988, 1217989, 1218450, 1218527, 1218915, 1219127, 1219146, 1219295, 1219653, 1219827, 1219835, 1220187, 1220238, 1220240, 1220241, 1220250, 1220330, 1220340, 1220344, 1220409, 1220421, 1220436, 1220444, 1220459, 1220468, 1220482, 1220526, 1220570, 1220575, 1220599, 1220607, 1220613, 1220638, 1220641, 1220649, 1220700, 1220735, 1220767, 1220796, 1220825, 1220831, 1220845, 1220860, 1220861, 1220863, 1220870, 1220930, 1220931, 1220932, 1220957, 1221039, 1221040, 1221287
CVE References: CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-33200, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52443, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622
Maintenance Incident: [SUSE:Maintenance:32910](https://smelt.suse.de/incident/32910/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-source-azure-4.12.14-16.173.1, kernel-syms-azure-4.12.14-16.173.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-source-azure-4.12.14-16.173.1, kernel-syms-azure-4.12.14-16.173.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-source-azure-4.12.14-16.173.1, kernel-syms-azure-4.12.14-16.173.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Maintenance Automation 2024-03-22 12:32:09 UTC 
SUSE-SU-2024:0926-1: An update that solves 65 vulnerabilities and has six security fixes can now be installed.

Category: security (important)
Bug References: 1155518, 1184436, 1185988, 1186286, 1200599, 1212514, 1213456, 1218689, 1218915, 1219127, 1219128, 1219146, 1219295, 1219653, 1219827, 1219835, 1220009, 1220140, 1220187, 1220238, 1220240, 1220241, 1220243, 1220250, 1220253, 1220255, 1220328, 1220330, 1220344, 1220398, 1220409, 1220416, 1220418, 1220421, 1220436, 1220444, 1220459, 1220469, 1220482, 1220526, 1220538, 1220570, 1220572, 1220599, 1220627, 1220641, 1220649, 1220660, 1220700, 1220735, 1220736, 1220737, 1220742, 1220745, 1220767, 1220796, 1220825, 1220826, 1220831, 1220845, 1220860, 1220863, 1220870, 1220917, 1220918, 1220930, 1220931, 1220932, 1221039, 1221040, 1221287
CVE References: CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-46904, CVE-2021-46905, CVE-2021-46906, CVE-2021-46915, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46934, CVE-2021-46953, CVE-2021-46964, CVE-2021-46966, CVE-2021-46974, CVE-2021-46989, CVE-2021-47005, CVE-2021-47012, CVE-2021-47013, CVE-2021-47054, CVE-2021-47060, CVE-2021-47061, CVE-2021-47069, CVE-2021-47076, CVE-2021-47078, CVE-2021-47083, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-51042, CVE-2023-52340, CVE-2023-52429, CVE-2023-52439, CVE-2023-52443, CVE-2023-52445, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52463, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52569, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0340, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26586, CVE-2024-26589, CVE-2024-26593, CVE-2024-26595, CVE-2024-26602, CVE-2024-26607, CVE-2024-26622
Maintenance Incident: [SUSE:Maintenance:32904](https://smelt.suse.de/incident/32904/)
Sources used:
SUSE Linux Enterprise Live Patching 15-SP2 (src):
 kernel-livepatch-SLE15-SP2_Update_46-1-150200.5.3.2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src):
 kernel-obs-build-5.3.18-150200.24.183.1, kernel-syms-5.3.18-150200.24.183.1, kernel-source-5.3.18-150200.24.183.1, kernel-default-base-5.3.18-150200.24.183.1.150200.9.93.2
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src):
 kernel-obs-build-5.3.18-150200.24.183.1, kernel-syms-5.3.18-150200.24.183.1, kernel-source-5.3.18-150200.24.183.1, kernel-default-base-5.3.18-150200.24.183.1.150200.9.93.2
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src):
 kernel-obs-build-5.3.18-150200.24.183.1, kernel-syms-5.3.18-150200.24.183.1, kernel-source-5.3.18-150200.24.183.1, kernel-default-base-5.3.18-150200.24.183.1.150200.9.93.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Maintenance Automation 2024-03-22 12:32:25 UTC 
SUSE-SU-2024:0925-1: An update that solves 49 vulnerabilities and has seven security fixes can now be installed.

Category: security (important)
Bug References: 1050549, 1186484, 1200599, 1212514, 1213456, 1218450, 1218527, 1218915, 1219127, 1219146, 1219295, 1219653, 1219827, 1219835, 1220187, 1220238, 1220240, 1220241, 1220250, 1220330, 1220340, 1220344, 1220409, 1220421, 1220436, 1220444, 1220459, 1220468, 1220482, 1220526, 1220570, 1220575, 1220599, 1220607, 1220613, 1220638, 1220641, 1220649, 1220700, 1220735, 1220767, 1220796, 1220825, 1220831, 1220845, 1220860, 1220861, 1220863, 1220870, 1220930, 1220931, 1220932, 1220957, 1221039, 1221040, 1221287
CVE References: CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-33200, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52443, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600:, CVE-2024-26622
Maintenance Incident: [SUSE:Maintenance:32885](https://smelt.suse.de/incident/32885/)
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):
 kgraft-patch-SLE12-SP5_Update_54-1-8.7.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src):
 kernel-obs-build-4.12.14-122.201.2
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-4.12.14-122.201.1, kernel-source-4.12.14-122.201.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-4.12.14-122.201.1, kernel-source-4.12.14-122.201.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-4.12.14-122.201.1, kernel-source-4.12.14-122.201.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.