Bug 1214428 - NVMe regression between kernel 6.4.9 and 6.4.11
Summary: NVMe regression between kernel 6.4.9 and 6.4.11
Status: RESOLVED FIXED
: 1214397 1214570 (view as bug list)
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Kernel (show other bugs)
Version: Current
Hardware: Other Other
: P5 - None : Critical (vote)
Target Milestone: ---
Assignee: openSUSE Kernel Bugs
QA Contact: E-mail List
URL: https://bugzilla.kernel.org/show_bug....
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-08-21 08:26 UTC by Michal Hlavac
Modified: 2024-06-25 17:54 UTC (History)
9 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
wm2 update for usrmerge (6.92 KB, patch)
2023-08-21 09:08 UTC, Michal Suchanek 		Details | Diff
zypper log after patch (19.30 KB, text/x-log)
2023-08-21 09:47 UTC, Michal Hlavac 		Details
proposed patch (7.00 KB, patch)
2023-08-21 09:54 UTC, Michal Suchanek 		Details | Diff
proposed patch (7.17 KB, patch)
2023-08-21 10:11 UTC, Michal Suchanek 		Details | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michal Hlavac 2023-08-21 08:26:57 UTC 
Hi,

after upgrading to snapshot 20230819 I can't boot. Workaround is to rollback to previous snapshot with kernel 6.4.9.

Errors while installing kernel:
(105/199) Installing: cpupower-bash-completion-6.4.11-4.23.noarch .................................................................................................................................................[done]
depmod: ERROR: could not open directory /var/tmp/weak-modules2.VLshY4/6.4.11-1-default/usr/lib/modules/6.4.11-1-default: No such file or directory
depmod: FATAL: could not search modules: No such file or directory
depmod exited with error 1
depmod: ERROR: could not open directory /var/tmp/weak-modules2.VLshY4/6.4.11-1-default/usr/lib/modules/6.4.11-1-default: No such file or directory
depmod: FATAL: could not search modules: No such file or directory
depmod exited with error 1
depmod: ERROR: could not open directory /var/tmp/weak-modules2.VLshY4/6.4.11-1-default/usr/lib/modules/6.4.11-1-default: No such file or directory
depmod: FATAL: could not search modules: No such file or directory
depmod exited with error 1
depmod: ERROR: could not open directory /var/tmp/weak-modules2.VLshY4/6.4.11-1-default/usr/lib/modules/6.4.11-1-default: No such file or directory
depmod: FATAL: could not search modules: No such file or directory
depmod exited with error 1
dracut[I]: Executing: /usr/bin/dracut -f /boot/initrd-6.4.11-1-default 6.4.11-1-default
dracut[I]: Module 'systemd-networkd' will not be installed, because command 'networkctl' could not be found!
dracut[I]: Module 'systemd-networkd' will not be installed, because command '/usr/lib/systemd/systemd-networkd' could not be found!
dracut[I]: Module 'systemd-networkd' will not be installed, because command '/usr/lib/systemd/systemd-networkd-wait-online' could not be found!
dracut[I]: Module 'systemd-pcrphase' will not be installed, because command '/usr/lib/systemd/systemd-pcrphase' could not be found!
dracut[I]: Module 'systemd-portabled' will not be installed, because command 'portablectl' could not be found!
dracut[I]: Module 'systemd-portabled' will not be installed, because command '/usr/lib/systemd/systemd-portabled' could not be found!
dracut[I]: Module 'systemd-repart' will not be installed, because command 'systemd-repart' could not be found!
dracut[I]: Module 'systemd-resolved' will not be installed, because command 'resolvectl' could not be found!
dracut[I]: Module 'systemd-resolved' will not be installed, because command '/usr/lib/systemd/systemd-resolved' could not be found!
dracut[I]: Module 'dbus-broker' will not be installed, because command 'dbus-broker' could not be found!
dracut[I]: Module 'rngd' will not be installed, because command 'rngd' could not be found!
dracut[I]: Module 'connman' will not be installed, because command 'connmand' could not be found!
dracut[I]: Module 'connman' will not be installed, because command 'connmanctl' could not be found!
dracut[I]: Module 'connman' will not be installed, because command 'connmand-wait-online' could not be found!
dracut[I]: Module 'tpm2-tss' will not be installed, because command 'tpm2' could not be found!
dracut[I]: Module 'memstrack' will not be installed, because command 'memstrack' could not be found!
dracut[I]: memstrack is not available
dracut[I]: If you need to use rd.memdebug>=4, please install memstrack and procps-ng
dracut[I]: Module 'squash' will not be installed, because command 'mksquashfs' could not be found!
dracut[I]: Module 'squash' will not be installed, because command 'unsquashfs' could not be found!
dracut[I]: Module 'systemd-pcrphase' will not be installed, because command '/usr/lib/systemd/systemd-pcrphase' could not be found!
dracut[I]: Module 'systemd-portabled' will not be installed, because command 'portablectl' could not be found!
dracut[I]: Module 'systemd-portabled' will not be installed, because command '/usr/lib/systemd/systemd-portabled' could not be found!
dracut[I]: Module 'systemd-repart' will not be installed, because command 'systemd-repart' could not be found!
dracut[I]: Module 'systemd-resolved' will not be installed, because command 'resolvectl' could not be found!
dracut[I]: Module 'systemd-resolved' will not be installed, because command '/usr/lib/systemd/systemd-resolved' could not be found!
dracut[I]: Module 'dbus-broker' will not be installed, because command 'dbus-broker' could not be found!
dracut[I]: Module 'rngd' will not be installed, because command 'rngd' could not be found!
dracut[I]: Module 'connman' will not be installed, because command 'connmand' could not be found!
dracut[I]: Module 'connman' will not be installed, because command 'connmanctl' could not be found!
dracut[I]: Module 'connman' will not be installed, because command 'connmand-wait-online' could not be found!
dracut[I]: Module 'tpm2-tss' will not be installed, because command 'tpm2' could not be found!
dracut[I]: Module 'memstrack' will not be installed, because command 'memstrack' could not be found!
dracut[I]: memstrack is not available
dracut[I]: If you need to use rd.memdebug>=4, please install memstrack and procps-ng
dracut[I]: Module 'squash' will not be installed, because command 'mksquashfs' could not be found!
dracut[I]: Module 'squash' will not be installed, because command 'unsquashfs' could not be found!
dracut[I]: *** Including module: systemd ***
dracut[I]: *** Including module: systemd-initrd ***
dracut[I]: *** Including module: i18n ***
dracut[W]: Could not find FONT_MAP none!
dracut[I]: *** Including module: drm ***
dracut[I]: *** Including module: plymouth ***
dracut[I]: *** Including module: btrfs ***
dracut[I]: *** Including module: kernel-modules ***
dracut[I]: *** Including module: kernel-modules-extra ***
dracut[I]: *** Including module: resume ***
dracut[I]: *** Including module: rootfs-block ***
dracut[I]: *** Including module: suse-btrfs ***
dracut[I]: *** Including module: suse-xfs ***
dracut[I]: *** Including module: terminfo ***
dracut[I]: *** Including module: udev-rules ***
dracut[I]: *** Including module: biosdevname ***
dracut[I]: *** Including module: dracut-systemd ***
dracut[I]: *** Including module: haveged ***
dracut[I]: *** Including module: ostree ***
dracut[I]: *** Including module: usrmount ***
dracut[I]: *** Including module: base ***
dracut[I]: *** Including module: fs-lib ***
dracut[I]: *** Including module: shutdown ***
dracut[I]: *** Including module: suse ***
dracut[I]: *** Including module: suse-initrd ***
dracut[I]: *** Including modules done ***
dracut[I]: *** Installing kernel module dependencies ***
dracut[I]: *** Installing kernel module dependencies done ***
dracut[I]: *** Resolving executable dependencies ***
dracut[I]: *** Resolving executable dependencies done ***
dracut[I]: *** Hardlinking files ***
dracut[I]: *** Hardlinking files done ***
dracut[I]: *** Generating early-microcode cpio image ***
dracut[I]: *** Constructing GenuineIntel.bin ***
dracut[I]: *** Store current command line parameters ***
dracut[I]: Stored kernel commandline:
dracut[I]:  rd.driver.pre=btrfs
dracut[I]:  resume=UUID=8b7037f4-6854-4823-b18e-31b16640dc2c
dracut[I]:  root=UUID=77f9732f-d16e-42be-a171-20cc4d05f6b7 rootfstype=btrfs rootflags=rw,relatime,ssd,discard=async,space_cache,subvolid=141038,subvol=/@/.snapshots/4756/snapshot,subvol=@/.snapshots/4756/snapshot
dracut[I]: *** Stripping files ***
dracut[I]: *** Stripping files done ***
dracut[I]: *** Creating image file '/boot/initrd-6.4.11-1-default' ***
dracut[I]: *** Creating initramfs image file '/boot/initrd-6.4.11-1-default' done ***
Option --add-kernel not available for grub2-efi.
SKIP: /etc/uefi/certs/1F673297.crt is already in the enrollment request
(106/199) Installing: kernel-default-6.4.11-1.1.x86_64 ............................................................................................................................................................[done]
Comment 1 Michal Suchanek 2023-08-21 09:08:28 UTC 
Created attachment 868902 [details]
wm2 update for usrmerge

Can you please test this patch to /usr/lib/module-init-tools/weak-modules2
Comment 2 Michal Hlavac 2023-08-21 09:24:35 UTC 
Do I need to patch it before installing a new snapshot or after?
Comment 3 Michal Suchanek 2023-08-21 09:31:12 UTC 
It depends.

If the snapshot does not include suse-module-tools update you can patch before.

Otherwise patch after and reinstall the kernel afterwards with

zypper in --force kernel-default

This should avoid

depmod: ERROR: could not open directory /var/tmp/weak-modules2.VLshY4/6.4.11-1-default/usr/lib/modules/6.4.11-1-default: No such file or directory
Comment 4 Michal Suchanek 2023-08-21 09:33:43 UTC 
Also does the kernel 6.4.9 get removed or can you try booting the old kernel after the update without rollback?
Comment 5 Michal Hlavac 2023-08-21 09:35:10 UTC 
snapper rollback to 6.4.9 saved my life. It works.
Comment 6 Michal Suchanek 2023-08-21 09:46:26 UTC 
The rollback may work in making the system bootable but it does not work for figuring out why the system does not boot.

I suspect it's not related to wm2 after all, it would probably show up in tests. There is noise from wm2 but it likely is not what prevented the new kernel from booting. Hard to say without more testing on the system in question.
Comment 7 Michal Hlavac 2023-08-21 09:47:28 UTC 
Created attachment 868904 [details]
zypper log after patch

Your patch does not work. Output is in attachment
Comment 8 Michal Suchanek 2023-08-21 09:54:40 UTC 
Created attachment 868905 [details]
proposed patch

Indeed, the patch omits a regexp group but does not renumber the replacement, sorry about that.
Comment 9 Michal Suchanek 2023-08-21 10:11:54 UTC 
Created attachment 868909 [details]
proposed patch

There was another change missed
Comment 10 Michal Hlavac 2023-08-21 10:25:36 UTC 
There was no error with latest patch while installing kernel, but after reboot there was the same error:

[ OK ] Started Show Plymouth Boot Screen.

OK 1 Started Forward Password Requests to Plymouth Directory Watch. E OK 1 Reached target Path Units.

[ OK ] Reached target Basic System.

[OK] Found device PM961 NVMe SAMSUNG 51268 ESP.

[

UK] Found device PH961 NVMe SAMSUNG 51268 primary.

[ OK ] Reached target Initrd Root Device.

[UK] Finished dracut initqueue hook.

OK 1 Reached target Preparation for Remote File Systems .

[UK] Reached target Remote File Systems.

Starting File System Check on /dev/disk/by-uuid/7719732f-d16e-42be-a171-28cc4d85f6b7...

1 R start job is running for File System Check on /dev/disk/by-uuid/77f97321-d16e-42be-a171-28cc4d85f6b7 33.8943171 12433 nvme nvae: controller is down; will reset: CSTS-Bxffffffff, PCI STATUS-8xffff

[ 33.8943751 1243] nvme nvme8: Does your device have a faulty power saving mode enabled? E 33.894485] 1243] nvme пvae8: Try "nvae_core.default_ps_max_latency_us-8 pcle_aspa-off" and report a bug [ 33.93185930 12433 nvae8n1: 1/0 Cad(8x2) LBR 333365128, 8 blocks, 1/0 Error (sct 8x3/sc 8x71)

[ 33.9311871 1243] 1/0 error, dev nvmeßni, sector 333365128 op 8x8: (READ) flags 888788 phys_seg 1 prio class 2 33.947538] T68) nvme 8888:84:88.8: Unable to change power state from D3cold to D8, device inaccessible

[ 33.947796][ T68] пvme nvme8: Disabling device after reset failure: -19 [ 33.964138] T68] nvae8n1: detected capacity change from 1888215216 to 8 EOK 3 Finished File System Check on /dev/disk/by-uuid/7719732f-d16e-42be-a171-28cc4d85f5b7.

Mounting /sysroot...

[ 33.995244) T4813 Buffer 1/0 error on dev nvmeBn1p6, logical block 13187184. async page read

Ε 33.9956731 T4811 Buffer 1/0 error on dev nvme8n1p5, logical block 16, async page read [FAILED] Failed to mount /sysroot.

See systemctl status sysroot.mount for details.

[DEPEND] Dependency failed for Initrd Root File System.

[DEPEND] Dependency failed for Mountpoints Configured in the Real Root. [DEPEND] Dependency failed for OSTree Prepare OS/.

L OK 1 Stopped target Basic System. [ OK ] Reached target Initrd File Systems.

[ OK ] Stopped target System Initialization. [ OK ] Stopped dracut initqueue hook.

[ OK 1 Stopped dracut pre-udev hook. [ OK ] Stopped dracut cadline hook.

[ OK ] Stopped dracut ask for additional cadline parameters.

[ OK 1 Started Emergency Shell. [UK] Reached target Emergency Mode.

Generating "/run/initramfs/rdsosreport.txt"
Comment 11 Michal Suchanek 2023-08-21 10:32:08 UTC 
Thanks, that sounds like bug 1214397
Comment 12 Michal Suchanek 2023-08-21 13:09:44 UTC 
There aren't many NVMe related changes between 6.4.9 and 6.4.11. 

    - nvme: fix possible hang when removing a controller during
      error recovery (bsc#1012628).
    - nvme-tcp: fix potential unbalanced freeze & unfreeze
      (bsc#1012628).
    - nvme-rdma: fix potential unbalanced freeze & unfreeze
      (bsc#1012628).
    - nvme-pci: add NVME_QUIRK_BOGUS_NID for Samsung PM9B1 256G and
      512G (bsc#1012628).

I do not see any PCI or power management changes that would cause this, either.

FWIW here is a kernel build kernel-default-6.4.11-1.1.g8c5d032.x86_64.rpm with the NVMe changes from 6.4.11 reverted:

https://download.opensuse.org/repositories/home:/michals:/kernel-test/standard/

This kernel is not signed by the openSUSE key which may be problematic with secure boot. The signing key should be enrolled automatically but the enrollment needs to be confirmed on boot.
Comment 13 Michal Hlavac 2023-08-21 20:36:48 UTC 
Installed and booted updated kernel, but result was same:

[ OK ] Started Show Plymouth Boot Screen.

OK ] Started Forward Password Requests to Plymouth Directory Watch.

[ [ OK ] Reached target Path Units.

[ OK ] Reached target Basic System.

[ OK 1 Found device PM961 NVMe SAMSUNG 512GB ESP.

[ OK ] Found device PM961 NVMe SAMSUNG 512GB primary

OK Reached target Initrd Root Device. [ OK ] Finished dracut initqueue hook.

.

OK Reached target Preparation for Remote File Systems. [ OK ] Reached target Remote File Systems.

Starting File System Check on /dev/disk/by-uuid/77f9732f-d16e-42be-a171-28cc4d85f6b7... A start job is running for File System Check on /dev/disk/by-uuid/77f9732f-d16e-42be-a171-28cc4d85f6b7 (32s / no limit) 33.897892] T234] nvme nvme8: controller is doun; will reset: CSTS-8xffffffff, PCI STATUS=0xffff

33.897936][ T234] nvme nvme8: Does your device have a faulty power saving mode enabled?

33.897967][ T234] nvme nvme8: Try "nvme_core.default_ps_max_latency_us-8 pcie_aspm-off" and report a bug

33.934675][ 12341 nvme0n1: 1/0 Cmd(0x2) @ LBA 333365128, 8 blocks, 1/0 Error (sct 8x3/sc 8x71)

33.934726] T234] I/O error, dev nvme0n1, sector 333365128 op 8x8: (READ) flags 8x88788 phys_seg 1 prío class 2

33.951185 T64] nvme 8808:04:00.0: Unable to change power state from D3cold to D8, device inaccessible

33.951366][ T64] nvme nvme8: Disabling device after reset failure: -19

33.971889][ T64] nvme8n1: detected capacity change from 1888215216 to 8 ] Finished File System Check /dev/disk/by-uuid/77f9732f-d16e-42be-a171-28cc4d85f6b7.

OK

on

Mounting /sysroot.

[ 34.885474] T483] Buffer 1/0 error on dev nvme0n1p6, logical block 13187184, async page read 4833 Buffer 1/0 error on dev nvme8n1p6, logical block 16, async page read

[ 34.885981][ T483]

[FAILED] Failed See 'suste to mount /sysroot.

See "systemctl status sysroot.mount mount' for details.

[DEPEND] Dependency failed for Initrd Root File System. [DEPEND] Dependency failed for Mountpoints Configured in the Real Root. ncy failed for OSTree Prepare OS/.

[DEPEND] Dependency fail [ OK ] Stopped 1 Reached target Basic System

.

[ OK target Initrd File Systems.

[ OK 1 Stopped target System Initialization

[ OK 1 Stopped dracut initqueue hook.

[ OK ] Stopped dracut pre-udey hook.

[ OK J Stopped dracut cmdline hook.

.

[OK] Stopped dracut ask for additional cmdline parameters.

[ OK ] Started Emergency Shell. [ OK ] Reached target Emergency Mode.

Generating "/run/initramfs/rdsosreport.txt"

Entering emergency mode. Exit the shell to continue,

Type "journalct1" to view system logs,

You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot

after mounting them and attach it to a bug report,

Give root password for maintenance (or press Control-D to continue);
Comment 14 Michal Suchanek 2023-08-22 06:58:01 UTC 
Can you confirm that the 6.4.9 kernel installed on the latest Tumbleweed snapshot alongside the 6.4.11 kernel still boots the system?
Comment 15 Alberto Planas Dominguez 2023-08-22 07:29:03 UTC 
(In reply to Michal Suchanek from comment #14)
> Can you confirm that the 6.4.9 kernel installed on the latest Tumbleweed
> snapshot alongside the 6.4.11 kernel still boots the system?

I am affected too, and I can confirm it:

$ uname -r
6.4.9-1-default
Comment 16 Michal Hlavac 2023-08-22 18:44:56 UTC 
Can confirm that after updating to latest snapshot with kernel 6.4.11 and booting to 6.4.9 it works. 6.4.11 does not work at all.
Comment 18 Takashi Iwai 2023-08-24 14:18:23 UTC 
*** Bug 1214570 has been marked as a duplicate of this bug. ***
Comment 19 Martin Wilck 2023-08-30 07:46:10 UTC 
All evidence points to 69304c8d285b / 101bd907b424 ("misc: rtsx: judge ASPM Mode to set PETXCFG Reg"). The commit author hypothesizes something about a generic power saving issue [1], but that makes little sense to me, given that the issue seems to occur only on systems that feature the rtsx hardware.

I rather think that this commit makes the rtsx hardware misbehave in some way, with the side effect that the NVMe device appears dead.

I second the recommendation that this should be reverted [2].

Perhaps we should just revert this in openSUSE stable (and master) until upstream has figured it out?

[1] https://lore.kernel.org/lkml/570d465a-7500-4b58-98f0-fd781c8740cc@sapience.com/T/#m90373a16017f07ca32f43d6b4327164fb31bf9bb
[2] https://lore.kernel.org/lkml/570d465a-7500-4b58-98f0-fd781c8740cc@sapience.com/T/#m0bd43dd7703c7bc8145239196be11180d9f24050
Comment 20 Martin Wilck 2023-08-30 07:51:08 UTC 
*** Bug 1214397 has been marked as a duplicate of this bug. ***
Comment 21 Takashi Iwai 2023-08-30 07:57:04 UTC 
(In reply to Martin Wilck from comment #19)
> Perhaps we should just revert this in openSUSE stable (and master) until
> upstream has figured it out?

Yes, the patch was already reverted on our stable/master branches (as well as SLE15-SP6/ALP-current).
Comment 22 Michal Suchanek 2023-08-30 08:24:09 UTC 
Should be fixed in 6.4.12, now in Factory.
Comment 24 OBSbugzilla Bot 2023-09-05 19:45:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1214428) was mentioned in
https://build.opensuse.org/request/show/1109139 Factory / suse-module-tools
Comment 34 Maintenance Automation 2023-09-14 12:30:36 UTC 
SUSE-SU-2023:3600-1: An update that solves 16 vulnerabilities, contains seven features and has 44 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1205462, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1212091, 1212142, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213968, 1213970, 1213971, 1214000, 1214019, 1214120, 1214149, 1214180, 1214238, 1214285, 1214297, 1214299, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214428, 1214451, 1214659, 1214661, 1214729, 1214742, 1214743, 1214756
CVE References: CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4569
Jira References: PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.49.1, kernel-syms-rt-5.14.21-150400.15.49.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_12-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.49.1, kernel-syms-rt-5.14.21-150400.15.49.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Maintenance Automation 2023-09-14 12:31:13 UTC 
SUSE-SU-2023:3599-1: An update that solves 20 vulnerabilities, contains eight features and has 53 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1203329, 1203330, 1205462, 1206453, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1211220, 1212091, 1212142, 1212423, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213733, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213949, 1213968, 1213970, 1213971, 1214000, 1214019, 1214073, 1214120, 1214149, 1214180, 1214233, 1214238, 1214285, 1214297, 1214299, 1214305, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214404, 1214428, 1214451, 1214659, 1214661, 1214727, 1214729, 1214742, 1214743, 1214756, 1214976
CVE References: CVE-2022-38457, CVE-2022-40133, CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569
Jira References: PED-3924, PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-rt-5.14.21-150500.13.14.1, kernel-livepatch-SLE15-SP5-RT_Update_4-1-150500.11.3.1, kernel-source-rt-5.14.21-150500.13.14.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_4-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.14.1, kernel-source-rt-5.14.21-150500.13.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Maintenance Automation 2023-09-18 16:30:35 UTC 
SUSE-SU-2023:3656-1: An update that solves 20 vulnerabilities, contains eight features and has 54 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1203329, 1203330, 1205462, 1206453, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1211220, 1212091, 1212142, 1212423, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213733, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213949, 1213968, 1213970, 1213971, 1214000, 1214019, 1214073, 1214120, 1214149, 1214180, 1214233, 1214238, 1214285, 1214297, 1214299, 1214305, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214404, 1214428, 1214451, 1214659, 1214661, 1214727, 1214729, 1214742, 1214743, 1214756, 1214760, 1214976
CVE References: CVE-2022-38457, CVE-2022-40133, CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569
Jira References: PED-3924, PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.5 (src): kernel-source-azure-5.14.21-150500.33.17.1, kernel-syms-azure-5.14.21-150500.33.17.1
Public Cloud Module 15-SP5 (src): kernel-source-azure-5.14.21-150500.33.17.1, kernel-syms-azure-5.14.21-150500.33.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Maintenance Automation 2023-09-19 16:30:41 UTC 
SUSE-SU-2023:3683-1: An update that solves 16 vulnerabilities, contains seven features and has 44 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1205462, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1212091, 1212142, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213968, 1213970, 1213971, 1214000, 1214019, 1214120, 1214149, 1214180, 1214238, 1214285, 1214297, 1214299, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214428, 1214451, 1214659, 1214661, 1214729, 1214742, 1214743, 1214756
CVE References: CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4569
Jira References: PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-5.14.21-150400.24.84.1, kernel-source-5.14.21-150400.24.84.1, kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1, kernel-obs-build-5.14.21-150400.24.84.1, kernel-livepatch-SLE15-SP4_Update_17-1-150400.9.3.1, kernel-obs-qa-5.14.21-150400.24.84.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1, kernel-source-5.14.21-150400.24.84.1
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.84.1, kernel-obs-build-5.14.21-150400.24.84.1, kernel-source-5.14.21-150400.24.84.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_17-1-150400.9.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Maintenance Automation 2023-09-19 16:31:01 UTC 
SUSE-SU-2023:3682-1: An update that solves 16 vulnerabilities, contains seven features and has 45 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1205462, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1212091, 1212142, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213968, 1213970, 1213971, 1214000, 1214019, 1214120, 1214149, 1214180, 1214238, 1214285, 1214297, 1214299, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214428, 1214451, 1214659, 1214661, 1214729, 1214742, 1214743, 1214756, 1214760
CVE References: CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4569
Jira References: PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-azure-5.14.21-150400.14.66.1, kernel-source-azure-5.14.21-150400.14.66.1
Public Cloud Module 15-SP4 (src): kernel-syms-azure-5.14.21-150400.14.66.1, kernel-source-azure-5.14.21-150400.14.66.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 Maintenance Automation 2023-09-20 12:30:34 UTC 
SUSE-SU-2023:3704-1: An update that solves 20 vulnerabilities, contains eight features and has 53 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1203329, 1203330, 1205462, 1206453, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1211220, 1212091, 1212142, 1212423, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213733, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213949, 1213968, 1213970, 1213971, 1214000, 1214019, 1214073, 1214120, 1214149, 1214180, 1214233, 1214238, 1214285, 1214297, 1214299, 1214305, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214404, 1214428, 1214451, 1214659, 1214661, 1214727, 1214729, 1214742, 1214743, 1214756, 1214976
CVE References: CVE-2022-38457, CVE-2022-40133, CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569
Jira References: PED-3924, PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_4-1-150500.11.3.1, kernel-obs-build-5.14.21-150500.55.22.1, kernel-syms-5.14.21-150500.55.22.1, kernel-obs-qa-5.14.21-150500.55.22.1, kernel-source-5.14.21-150500.55.22.1, kernel-default-base-5.14.21-150500.55.22.1.150500.6.8.1
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.22.1, kernel-default-base-5.14.21-150500.55.22.1.150500.6.8.1
Development Tools Module 15-SP5 (src): kernel-syms-5.14.21-150500.55.22.1, kernel-obs-build-5.14.21-150500.55.22.1, kernel-source-5.14.21-150500.55.22.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_4-1-150500.11.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Maintenance Automation 2023-09-21 12:30:21 UTC 
SUSE-SU-2023:3599-2: An update that solves 20 vulnerabilities, contains eight features and has 53 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1203329, 1203330, 1205462, 1206453, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1211220, 1212091, 1212142, 1212423, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213733, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213949, 1213968, 1213970, 1213971, 1214000, 1214019, 1214073, 1214120, 1214149, 1214180, 1214233, 1214238, 1214285, 1214297, 1214299, 1214305, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214404, 1214428, 1214451, 1214659, 1214661, 1214727, 1214729, 1214742, 1214743, 1214756, 1214976
CVE References: CVE-2022-38457, CVE-2022-40133, CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569
Jira References: PED-3924, PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.5 (src): kernel-syms-rt-5.14.21-150500.13.14.1, kernel-source-rt-5.14.21-150500.13.14.1, kernel-livepatch-SLE15-SP5-RT_Update_4-1-150500.11.3.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_4-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.14.1, kernel-source-rt-5.14.21-150500.13.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 41 Maintenance Automation 2023-09-21 12:30:43 UTC 
SUSE-SU-2023:3600-2: An update that solves 16 vulnerabilities, contains seven features and has 44 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1205462, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1212091, 1212142, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213968, 1213970, 1213971, 1214000, 1214019, 1214120, 1214149, 1214180, 1214238, 1214285, 1214297, 1214299, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214428, 1214451, 1214659, 1214661, 1214729, 1214742, 1214743, 1214756
CVE References: CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4569
Jira References: PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-rt-5.14.21-150400.15.49.1, kernel-source-rt-5.14.21-150400.15.49.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_12-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-syms-rt-5.14.21-150400.15.49.1, kernel-source-rt-5.14.21-150400.15.49.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 42 Maintenance Automation 2023-09-21 12:31:13 UTC 
SUSE-SU-2023:3704-2: An update that solves 20 vulnerabilities, contains eight features and has 53 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1203329, 1203330, 1205462, 1206453, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1211220, 1212091, 1212142, 1212423, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213733, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213949, 1213968, 1213970, 1213971, 1214000, 1214019, 1214073, 1214120, 1214149, 1214180, 1214233, 1214238, 1214285, 1214297, 1214299, 1214305, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214404, 1214428, 1214451, 1214659, 1214661, 1214727, 1214729, 1214742, 1214743, 1214756, 1214976
CVE References: CVE-2022-38457, CVE-2022-40133, CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569
Jira References: PED-3924, PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.5 (src): kernel-livepatch-SLE15-SP5_Update_4-1-150500.11.3.1, kernel-obs-build-5.14.21-150500.55.22.1, kernel-syms-5.14.21-150500.55.22.1, kernel-obs-qa-5.14.21-150500.55.22.1, kernel-source-5.14.21-150500.55.22.1, kernel-default-base-5.14.21-150500.55.22.1.150500.6.8.1
Basesystem Module 15-SP5 (src): kernel-source-5.14.21-150500.55.22.1, kernel-default-base-5.14.21-150500.55.22.1.150500.6.8.1
Development Tools Module 15-SP5 (src): kernel-syms-5.14.21-150500.55.22.1, kernel-obs-build-5.14.21-150500.55.22.1, kernel-source-5.14.21-150500.55.22.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_4-1-150500.11.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Maintenance Automation 2023-09-21 12:31:39 UTC 
SUSE-SU-2023:3683-2: An update that solves 16 vulnerabilities, contains seven features and has 44 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1205462, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1212091, 1212142, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213968, 1213970, 1213971, 1214000, 1214019, 1214120, 1214149, 1214180, 1214238, 1214285, 1214297, 1214299, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214428, 1214451, 1214659, 1214661, 1214729, 1214742, 1214743, 1214756
CVE References: CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4569
Jira References: PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.4 (src): kernel-syms-5.14.21-150400.24.84.1, kernel-source-5.14.21-150400.24.84.1, kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1, kernel-obs-build-5.14.21-150400.24.84.1, kernel-livepatch-SLE15-SP4_Update_17-1-150400.9.3.1, kernel-obs-qa-5.14.21-150400.24.84.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1
Basesystem Module 15-SP4 (src): kernel-default-base-5.14.21-150400.24.84.1.150400.24.37.1, kernel-source-5.14.21-150400.24.84.1
Development Tools Module 15-SP4 (src): kernel-syms-5.14.21-150400.24.84.1, kernel-obs-build-5.14.21-150400.24.84.1, kernel-source-5.14.21-150400.24.84.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_17-1-150400.9.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 44 Maintenance Automation 2023-10-04 08:31:40 UTC 
SUSE-SU-2023:3964-1: An update that solves 16 vulnerabilities, contains seven features and has 49 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1205462, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1212091, 1212142, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213968, 1213970, 1213971, 1214000, 1214019, 1214120, 1214149, 1214180, 1214238, 1214285, 1214297, 1214299, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214428, 1214451, 1214635, 1214659, 1214661, 1214729, 1214742, 1214743, 1214756, 1215522, 1215523, 1215552, 1215553
CVE References: CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4569
Jira References: PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.4 (src): kernel-source-rt-5.14.21-150400.15.53.1, kernel-syms-rt-5.14.21-150400.15.53.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_13-1-150400.1.3.1
SUSE Real Time Module 15-SP4 (src): kernel-source-rt-5.14.21-150400.15.53.1, kernel-syms-rt-5.14.21-150400.15.53.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Maintenance Automation 2023-10-04 16:30:25 UTC 
SUSE-SU-2023:3971-1: An update that solves 20 vulnerabilities, contains eight features and has 58 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1203329, 1203330, 1205462, 1206453, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1211220, 1212091, 1212142, 1212423, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213733, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213949, 1213968, 1213970, 1213971, 1214000, 1214019, 1214073, 1214120, 1214149, 1214180, 1214233, 1214238, 1214285, 1214297, 1214299, 1214305, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214404, 1214428, 1214451, 1214635, 1214659, 1214661, 1214727, 1214729, 1214742, 1214743, 1214756, 1214976, 1215522, 1215523, 1215552, 1215553
CVE References: CVE-2022-38457, CVE-2022-40133, CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569
Jira References: PED-3924, PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.5 (src): kernel-obs-build-5.14.21-150500.55.28.1, kernel-obs-qa-5.14.21-150500.55.28.1, kernel-syms-5.14.21-150500.55.28.1, kernel-source-5.14.21-150500.55.28.1, kernel-default-base-5.14.21-150500.55.28.1.150500.6.11.2, kernel-livepatch-SLE15-SP5_Update_5-1-150500.11.5.1
SUSE Linux Enterprise Micro 5.5 (src): kernel-default-base-5.14.21-150500.55.28.1.150500.6.11.2
Basesystem Module 15-SP5 (src): kernel-default-base-5.14.21-150500.55.28.1.150500.6.11.2, kernel-source-5.14.21-150500.55.28.1
Development Tools Module 15-SP5 (src): kernel-obs-build-5.14.21-150500.55.28.1, kernel-syms-5.14.21-150500.55.28.1, kernel-source-5.14.21-150500.55.28.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5_Update_5-1-150500.11.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Maintenance Automation 2023-10-04 16:30:52 UTC 
SUSE-SU-2023:3969-1: An update that solves 16 vulnerabilities, contains seven features and has 49 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1120059, 1177719, 1188885, 1193629, 1194869, 1205462, 1208902, 1208949, 1209284, 1209799, 1210048, 1210448, 1212091, 1212142, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213968, 1213970, 1213971, 1214000, 1214019, 1214120, 1214149, 1214180, 1214238, 1214285, 1214297, 1214299, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214428, 1214451, 1214635, 1214659, 1214661, 1214729, 1214742, 1214743, 1214756, 1215522, 1215523, 1215552, 1215553
CVE References: CVE-2023-2007, CVE-2023-20588, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4569
Jira References: PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
openSUSE Leap 15.4 (src): kernel-source-5.14.21-150400.24.88.1, kernel-livepatch-SLE15-SP4_Update_18-1-150400.9.3.1, kernel-syms-5.14.21-150400.24.88.1, kernel-obs-qa-5.14.21-150400.24.88.1, kernel-obs-build-5.14.21-150400.24.88.1, kernel-default-base-5.14.21-150400.24.88.1.150400.24.40.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): kernel-default-base-5.14.21-150400.24.88.1.150400.24.40.1
SUSE Linux Enterprise Micro 5.3 (src): kernel-default-base-5.14.21-150400.24.88.1.150400.24.40.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): kernel-default-base-5.14.21-150400.24.88.1.150400.24.40.1
SUSE Linux Enterprise Micro 5.4 (src): kernel-default-base-5.14.21-150400.24.88.1.150400.24.40.1
Basesystem Module 15-SP4 (src): kernel-source-5.14.21-150400.24.88.1, kernel-default-base-5.14.21-150400.24.88.1.150400.24.40.1
Development Tools Module 15-SP4 (src): kernel-obs-build-5.14.21-150400.24.88.1, kernel-source-5.14.21-150400.24.88.1, kernel-syms-5.14.21-150400.24.88.1
SUSE Linux Enterprise Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4_Update_18-1-150400.9.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 47 Jiri Slaby 2023-10-05 05:06:02 UTC 
I assume:
commit 0e4cac557531a4c93de108d9ff11329fcad482ff
Author: Ricky WU <ricky_wu@realtek.com>
Date:   Wed Sep 20 09:11:19 2023 +0000

    misc: rtsx: Fix some platforms can not boot and move the l1ss judgment to probe

is the fix for this issue. So dropping the revert in favor of this (coming through 6.5.6).
Comment 48 Maintenance Automation 2023-10-05 16:29:26 UTC 
SUSE-SU-2023:3988-1: An update that solves 24 vulnerabilities, contains 10 features and has 64 security fixes can now be installed.

Category: security (important)
Bug References: 1023051, 1065729, 1120059, 1177719, 1187236, 1188885, 1193629, 1194869, 1203329, 1203330, 1205462, 1206453, 1208902, 1208949, 1208995, 1209284, 1209799, 1210048, 1210169, 1210448, 1210643, 1211220, 1212091, 1212142, 1212423, 1212526, 1212857, 1212873, 1213026, 1213123, 1213546, 1213580, 1213601, 1213666, 1213733, 1213757, 1213759, 1213916, 1213921, 1213927, 1213946, 1213949, 1213968, 1213970, 1213971, 1214000, 1214019, 1214073, 1214120, 1214149, 1214180, 1214233, 1214238, 1214285, 1214297, 1214299, 1214305, 1214350, 1214368, 1214370, 1214371, 1214372, 1214380, 1214386, 1214392, 1214393, 1214397, 1214404, 1214428, 1214451, 1214635, 1214659, 1214661, 1214727, 1214729, 1214742, 1214743, 1214756, 1214813, 1214873, 1214928, 1214976, 1214988, 1215123, 1215124, 1215148, 1215221, 1215523
CVE References: CVE-2022-38457, CVE-2022-40133, CVE-2023-1192, CVE-2023-1859, CVE-2023-2007, CVE-2023-20588, CVE-2023-2177, CVE-2023-34319, CVE-2023-3610, CVE-2023-37453, CVE-2023-3772, CVE-2023-3863, CVE-2023-40283, CVE-2023-4128, CVE-2023-4133, CVE-2023-4134, CVE-2023-4147, CVE-2023-4194, CVE-2023-4273, CVE-2023-4387, CVE-2023-4459, CVE-2023-4563, CVE-2023-4569, CVE-2023-4881
Jira References: PED-2023, PED-2025, PED-3924, PED-4579, PED-4759, PED-4927, PED-4929, PED-5738, PED-6003, PED-6004
Sources used:
SUSE Real Time Module 15-SP5 (src): kernel-syms-rt-5.14.21-150500.13.18.1, kernel-source-rt-5.14.21-150500.13.18.1
openSUSE Leap 15.5 (src): kernel-syms-rt-5.14.21-150500.13.18.1, kernel-livepatch-SLE15-SP5-RT_Update_5-1-150500.11.3.1, kernel-source-rt-5.14.21-150500.13.18.1
SUSE Linux Enterprise Live Patching 15-SP5 (src): kernel-livepatch-SLE15-SP5-RT_Update_5-1-150500.11.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.