Bugzilla – Bug 1206209
VUL-0: CVE-2022-4379: kernel: use-after-free in NFS module
Last modified: 2024-06-25 17:15:40 UTC
From linux-distros: Hello, We discovered a use-after-free vulnerability in __nfs42_ssc_open() in fs/nfs/nfs4file.c in Linux kernel through v6.1-rc8, which allows an attacker to conduct remote Denial of Service attack. =*=*=*=*=*=*=*=*= Affected Version =*=*=*=*=*=*=*=*= through v6.1-rc8 =*=*=*=*=*=*=*=*= Bug Reproduce =*=*=*=*=*=*=*=*= Git checkout 76dcd734eca23168cb008912c0f69ff408905235 and compile the kernel with the following configs: CONFIG_NFS_FS=y CONFIG_NFS_V2=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFS_SWAP=y CONFIG_NFS_V4_1=y CONFIG_NFS_V4_2=y CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org" CONFIG_NFS_V4_1_MIGRATION=y CONFIG_NFS_V4_SECURITY_LABEL=y CONFIG_ROOT_NFS=y CONFIG_NFS_USE_LEGACY_DNS=y CONFIG_NFS_DISABLE_UDP_SUPPORT=y CONFIG_NFS_V4_2_READ_PLUS=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_NFSD_PNFS=y CONFIG_NFSD_BLOCKLAYOUT=y CONFIG_NFSD_SCSILAYOUT=y CONFIG_NFSD_FLEXFILELAYOUT=y CONFIG_NFSD_V4_2_INTER_SSC=y CONFIG_NFSD_V4_SECURITY_LABEL=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_NFS_V4_2_SSC_HELPER=y Prepare 2 qemu virtual machines, namely vm1 and vm2. In both vms, only enable NFS version 4.2 and enable inter-server copy offload by the following commands: systemctl stop nfs-kernel-server.service echo -2 -3 -4 -4.1 +4.2 > /proc/fs/nfsd/versions systemctl start nfs-kernel-server.service echo 1 >/sys/module/nfsd/parameters/inter_copy_offload_enable In vm1, create a folder named from which we will copy a file from and a file named test whose size is 16MB: mkdir -p /from dd if=/dev/urandom of=/from/test count=1 bs=16M In vm2, create a folder named to which we will copy a file to: mkdir -p /to Export the aforementioned folders in their coresponding vm with the following configurations: /from *(rw,async,no_subtree_check,no_root_squash,insecure) /to *(rw,async,no_subtree_check,no_root_squash,insecure) Mount both folders in vm1: mount -o vers=4.2 ${ip_vm1}:/from /from_c mount -o vers=4.2 ${ip_vm2}:/to /to_c Repeat copying /from_c/test to /to_c two time via copy_file_range syscall, which will trigger server side copy. The first copy will succeed and the second copy will trigger a use-after-free in vm2. The KASAN report processed by decode_stacktrace.sh is as follows: [ 150.198088] ================================================================== [ 150.199766] BUG: KASAN: use-after-free in __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.201108] Read of size 8 at addr ffff888008bbc4a8 by task copy thread/375 [ 150.203035] [ 150.203392] CPU: 4 PID: 375 Comm: copy thread Not tainted 6.1.0-rc8 #20 [ 150.204790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/04 [ 150.206709] Call Trace: [ 150.207271] <TASK> [ 150.207740] dump_stack_lvl (lib/dump_stack.c:107) [ 150.208562] print_report (mm/kasan/report.c:285 mm/kasan/report.c:395) [ 150.209385] ? __virt_addr_valid (./include/linux/mmzone.h:1759 ./include/linux/mmzone.h:1855 arch/x86/mm/physaddr.c:65) [ 150.210296] ? __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.211184] kasan_report (mm/kasan/report.c:162 mm/kasan/report.c:497) [ 150.211967] ? __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.212742] __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.213343] ? _raw_read_lock_bh (kernel/locking/spinlock.c:161) [ 150.213935] nfsd4_do_async_copy (./include/linux/nfs_ssc.h:47 fs/nfsd/nfs4proc.c:1764) [ 150.214520] ? preempt_count_sub (kernel/sched/core.c:5697) [ 150.215133] ? __kthread_parkme (kernel/kthread.c:283) [ 150.215769] ? nfsd4_read (fs/nfsd/nfs4proc.c:1757) [ 150.216349] kthread (kernel/kthread.c:376) [ 150.216873] ? kthread_complete_and_exit (kernel/kthread.c:331) [ 150.217630] ret_from_fork (arch/x86/entry/entry_64.S:312) [ 150.218206] </TASK> [ 150.218551] [ 150.218803] Allocated by task 350: [ 150.219348] kasan_save_stack (mm/kasan/common.c:46) [ 150.219938] kasan_set_track (mm/kasan/common.c:52) [ 150.220522] __kasan_slab_alloc (mm/kasan/common.c:328) [ 150.221148] kmem_cache_alloc (./include/linux/kasan.h:201 mm/slab.h:737 mm/slub.c:3398 mm/slub.c:3406 mm/slub.c:3413 mm/slub.c:3422) [ 150.221786] alloc_vfsmnt (./include/linux/slab.h:679 fs/namespace.c:198) [ 150.222348] vfs_create_mount (fs/namespace.c:1017) [ 150.222919] vfs_kern_mount.part.48 (fs/namespace.c:1073) [ 150.223376] nfsd4_interssc_connect.isra.24 (fs/nfsd/nfs4proc.c:1443) [ 150.223915] nfsd4_copy (fs/nfsd/nfs4proc.c:1499 fs/nfsd/nfs4proc.c:1805) [ 150.224249] nfsd4_proc_compound (fs/nfsd/nfs4proc.c:2710) [ 150.224647] nfsd_dispatch (fs/nfsd/nfssvc.c:1056) [ 150.225000] svc_process_common (net/sunrpc/svc.c:1339) [ 150.225403] svc_process (net/sunrpc/svc.c:1463) [ 150.225735] nfsd (fs/nfsd/nfssvc.c:979) [ 150.226022] kthread (kernel/kthread.c:376) [ 150.226330] ret_from_fork (arch/x86/entry/entry_64.S:312) [ 150.226662] [ 150.226810] Freed by task 0: [ 150.227072] kasan_save_stack (mm/kasan/common.c:46) [ 150.227417] kasan_set_track (mm/kasan/common.c:52) [ 150.227765] kasan_save_free_info (mm/kasan/generic.c:513) [ 150.228134] __kasan_slab_free (mm/kasan/common.c:238 mm/kasan/common.c:200 mm/kasan/common.c:244) [ 150.228497] kmem_cache_free (mm/slub.c:1750 mm/slub.c:3661 mm/slub.c:3683) [ 150.228842] rcu_core (./arch/x86/include/asm/preempt.h:27 kernel/rcu/tree.c:2257 kernel/rcu/tree.c:2510) [ 150.229144] __do_softirq (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/irq.h:142 kernel/softirq.c:572) [ 150.229483] [ 150.229636] Last potentially related work creation: [ 150.230102] kasan_save_stack (mm/kasan/common.c:46) [ 150.230470] __kasan_record_aux_stack (mm/kasan/generic.c:481) [ 150.230901] call_rcu (./arch/x86/include/asm/irqflags.h:29 (discriminator 3) ./arch/x86/include/asm/irqflags.h:70 (discriminator 3) ./arch/x86/include/asm/irqflags.h:106 (discriminator 3) kernel/rcu/tree.c:2799 (discriminator 3)) [ 150.231214] mntput_no_expire (fs/namespace.c:1272) [ 150.231586] nfsd4_do_async_copy (./include/linux/slab.h:553 ./include/linux/slab.h:689 fs/nfsd/nfs4proc.c:1734 fs/nfsd/nfs4proc.c:1787) [ 150.231980] kthread (kernel/kthread.c:376) [ 150.232295] ret_from_fork (arch/x86/entry/entry_64.S:312) [ 150.232637] [ 150.232792] The buggy address belongs to the object at ffff888008bbc480 [ 150.232792] which belongs to the cache mnt_cache of size 320 [ 150.233849] The buggy address is located 40 bytes inside of [ 150.233849] 320-byte region [ffff888008bbc480, ffff888008bbc5c0) [ 150.234828] [ 150.234970] The buggy address belongs to the physical page: [ 150.235442] page:00000000711edc3f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfnc [ 150.236154] head:00000000711edc3f order:1 compound_mapcount:0 compound_pincount:0 [ 150.236724] flags: 0x100000000010200(slab|head|node=0|zone=1) [ 150.237193] raw: 0100000000010200 0000000000000000 dead000000000122 ffff888004946dc0 [ 150.237784] raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000 [ 150.238367] page dumped because: kasan: bad access detected [ 150.238804] [ 150.238934] Memory state around the buggy address: [ 150.239304] ffff888008bbc380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 150.239868] ffff888008bbc400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 150.240420] >ffff888008bbc480: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 150.240967] ^ [ 150.241333] ffff888008bbc500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 150.241885] ffff888008bbc580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 150.242431] ================================================================== Could you please assign a cve number to this issue? Best Regards, Xingyuan Mo
This is now public https://lore.kernel.org/all/1670885411-10060-1-git-send-email-dai.ngo@oracle.com/ I'll review the patch and apply it, hopefully, tomorrow.
This commit probably introduced the bug: https://github.com/torvalds/linux/commit/ce0887ac96d35c7105090e166bb0807dc0a0e838 If true, the following branches would be affected: - stable - master - SLE15-SP4
public via oss-sec From: Xingyuan Mo <hdthky0@gmail.com> Subject: [oss-security] CVE-2022-4379: Linux kernel: use-after-free in __nfs42_ssc_open Hello, We found a use-after-free vulnerability in __nfs42_ssc_open() in NFS subsystem of Linux through v6.1 which allows an attacker to trigger remote denial of service. =*=*=*=*=*=*=*=*= Bug Details =*=*=*=*=*=*=*=*= The use-after-free violation is caused by dereferencing a vfsmount which is freed but still remains on the delayed unmount list. The reason the vfsmount is freed is that nfs42_ssc_open returns an error when called in nfsd4_do_async_copy. During my testing, this bug can be triggered by two consecutive inter-server-side copies, if the first one encounters some kind of error. =*=*=*=*=*=*=*=*= Backtrace =*=*=*=*=*=*=*=*= [ 150.198088 ] ================================================================== [ 150.199766 ] BUG: KASAN: use-after-free in __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.201108 ] Read of size 8 at addr ffff888008bbc4a8 by task copy thread/375 [ 150.203035 ] [ 150.203392 ] CPU: 4 PID: 375 Comm: copy thread Not tainted 6.1.0-rc8 #20 [ 150.204790 ] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/04 [ 150.206709 ] Call Trace: [ 150.207271 ] <TASK> [ 150.207740 ] dump_stack_lvl (lib/dump_stack.c:107) [ 150.208562 ] print_report (mm/kasan/report.c:285 mm/kasan/report.c:395) [ 150.209385 ] ? __virt_addr_valid (./include/linux/mmzone.h:1759 ./include/linux/mmzone.h:1855 arch/x86/mm/physaddr.c:65) [ 150.210296 ] ? __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.211184 ] kasan_report (mm/kasan/report.c:162 mm/kasan/report.c:497) [ 150.211967 ] ? __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.212742 ] __nfs42_ssc_open (fs/nfs/nfs4file.c:332) [ 150.213343 ] ? _raw_read_lock_bh (kernel/locking/spinlock.c:161) [ 150.213935 ] nfsd4_do_async_copy (./include/linux/nfs_ssc.h:47 fs/nfsd/nfs4proc.c:1764) [ 150.214520 ] ? preempt_count_sub (kernel/sched/core.c:5697) [ 150.215133 ] ? __kthread_parkme (kernel/kthread.c:283) [ 150.215769 ] ? nfsd4_read (fs/nfsd/nfs4proc.c:1757) [ 150.216349 ] kthread (kernel/kthread.c:376) [ 150.216873 ] ? kthread_complete_and_exit (kernel/kthread.c:331) [ 150.217630 ] ret_from_fork (arch/x86/entry/entry_64.S:312) [ 150.218206 ] </TASK> [ 150.218551 ] [ 150.218803 ] Allocated by task 350: [ 150.219348 ] kasan_save_stack (mm/kasan/common.c:46) [ 150.219938 ] kasan_set_track (mm/kasan/common.c:52) [ 150.220522 ] __kasan_slab_alloc (mm/kasan/common.c:328) [ 150.221148 ] kmem_cache_alloc (./include/linux/kasan.h:201 mm/slab.h:737 mm/slub.c:3398 mm/slub.c:3406 mm/slub.c:3413 mm/slub.c:3422) [ 150.221786 ] alloc_vfsmnt (./include/linux/slab.h:679 fs/namespace.c:198) [ 150.222348 ] vfs_create_mount (fs/namespace.c:1017) [ 150.222919 ] vfs_kern_mount.part.48 (fs/namespace.c:1073) [ 150.223376 ] nfsd4_interssc_connect.isra.24 (fs/nfsd/nfs4proc.c:1443) [ 150.223915 ] nfsd4_copy (fs/nfsd/nfs4proc.c:1499 fs/nfsd/nfs4proc.c:1805) [ 150.224249 ] nfsd4_proc_compound (fs/nfsd/nfs4proc.c:2710) [ 150.224647 ] nfsd_dispatch (fs/nfsd/nfssvc.c:1056) [ 150.225000 ] svc_process_common (net/sunrpc/svc.c:1339) [ 150.225403 ] svc_process (net/sunrpc/svc.c:1463) [ 150.225735 ] nfsd (fs/nfsd/nfssvc.c:979) [ 150.226022 ] kthread (kernel/kthread.c:376) [ 150.226330 ] ret_from_fork (arch/x86/entry/entry_64.S:312) [ 150.226662 ] [ 150.226810 ] Freed by task 0: [ 150.227072 ] kasan_save_stack (mm/kasan/common.c:46) [ 150.227417 ] kasan_set_track (mm/kasan/common.c:52) [ 150.227765 ] kasan_save_free_info (mm/kasan/generic.c:513) [ 150.228134 ] __kasan_slab_free (mm/kasan/common.c:238 mm/kasan/common.c:200 mm/kasan/common.c:244) [ 150.228497 ] kmem_cache_free (mm/slub.c:1750 mm/slub.c:3661 mm/slub.c:3683) [ 150.228842 ] rcu_core (./arch/x86/include/asm/preempt.h:27 kernel/rcu/tree.c:2257 kernel/rcu/tree.c:2510) [ 150.229144 ] __do_softirq (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/irq.h:142 kernel/softirq.c:572) [ 150.229483 ] [ 150.229636 ] Last potentially related work creation: [ 150.230102 ] kasan_save_stack (mm/kasan/common.c:46) [ 150.230470 ] __kasan_record_aux_stack (mm/kasan/generic.c:481) [ 150.230901 ] call_rcu (./arch/x86/include/asm/irqflags.h:29 (discriminator 3) ./arch/x86/include/asm/irqflags.h:70 (discriminator 3) ./arch/x86/include/asm/irqflags.h:106 (discriminator 3) kernel/rcu/tree.c:2799 (discriminator 3)) [ 150.231214 ] mntput_no_expire (fs/namespace.c:1272) [ 150.231586 ] nfsd4_do_async_copy (./include/linux/slab.h:553 ./include/linux/slab.h:689 fs/nfsd/nfs4proc.c:1734 fs/nfsd/nfs4proc.c:1787) [ 150.231980 ] kthread (kernel/kthread.c:376) [ 150.232295 ] ret_from_fork (arch/x86/entry/entry_64.S:312) [ 150.232637 ] [ 150.232792 ] The buggy address belongs to the object at ffff888008bbc480 [ 150.232792 ] which belongs to the cache mnt_cache of size 320 [ 150.233849 ] The buggy address is located 40 bytes inside of [ 150.233849 ] 320-byte region [ffff888008bbc480, ffff888008bbc5c0) [ 150.234828 ] [ 150.234970 ] The buggy address belongs to the physical page: [ 150.235442 ] page:00000000711edc3f refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfnc [ 150.236154 ] head:00000000711edc3f order:1 compound_mapcount:0 compound_pincount:0 [ 150.236724 ] flags: 0x100000000010200(slab|head|node=0|zone=1) [ 150.237193 ] raw: 0100000000010200 0000000000000000 dead000000000122 ffff888004946dc0 [ 150.237784 ] raw: 0000000000000000 0000000080150015 00000001ffffffff 0000000000000000 [ 150.238367 ] page dumped because: kasan: bad access detected [ 150.238804 ] [ 150.238934 ] Memory state around the buggy address: [ 150.239304 ] ffff888008bbc380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 150.239868 ] ffff888008bbc400: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 150.240420 ] >ffff888008bbc480: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 150.240967 ] ^ [ 150.241333 ] ffff888008bbc500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 150.241885 ] ffff888008bbc580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 150.242431 ] ================================================================== =*=*=*=*=*=*=*=*= Patch =*=*=*=*=*=*=*=*= The patch has been done by Dai Ngo, and it can be found here: https://lore.kernel.org/all/1670885411-10060-1-git-send-email-dai.ngo@oracle.com/ =*=*=*=*=*=*=*=*= Credit =*=*=*=*=*=*=*=*= Xingyuan Mo and Gengjia Chen of IceSword Lab, Qihoo 360 Technology Co. Ltd. Best Regards, Xingyuan Mo
I've reviewed the patch and submitted to - stable - master - SLE15-SP4
is public via oss-sec
SUSE-SU-2023:0146-1: An update that solves 15 vulnerabilities, contains two features and has 36 fixes is now available. Category: security (important) Bug References: 1065729,1187428,1188605,1190969,1191259,1193629,1199294,1201068,1203219,1203740,1203829,1204614,1204652,1204760,1204911,1204989,1205257,1205263,1205485,1205496,1205601,1205695,1206073,1206098,1206101,1206188,1206209,1206344,1206389,1206390,1206391,1206393,1206394,1206395,1206396,1206397,1206398,1206399,1206456,1206468,1206515,1206536,1206554,1206602,1206619,1206664,1206703,1206794,1206896,1206912,1207016 CVE References: CVE-2022-3104,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3113,CVE-2022-3114,CVE-2022-3115,CVE-2022-3344,CVE-2022-3564,CVE-2022-4379,CVE-2022-4662,CVE-2022-47520 JIRA References: PED-1445,PED-568 Sources used: openSUSE Leap 15.4 (src): kernel-azure-5.14.21-150400.14.31.1, kernel-source-azure-5.14.21-150400.14.31.1, kernel-syms-azure-5.14.21-150400.14.31.1 SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src): kernel-azure-5.14.21-150400.14.31.1, kernel-source-azure-5.14.21-150400.14.31.1, kernel-syms-azure-5.14.21-150400.14.31.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0147-1: An update that solves 14 vulnerabilities, contains three features and has 32 fixes is now available. Category: security (important) Bug References: 1065729,1187428,1188605,1191259,1193629,1199294,1201068,1203219,1203740,1204614,1204652,1204760,1204911,1204989,1205263,1205485,1205601,1205695,1206073,1206098,1206101,1206188,1206209,1206344,1206389,1206390,1206393,1206394,1206395,1206396,1206397,1206398,1206399,1206456,1206468,1206515,1206536,1206554,1206602,1206619,1206664,1206703,1206794,1206896,1206912,1207016 CVE References: CVE-2022-3104,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3113,CVE-2022-3115,CVE-2022-3344,CVE-2022-3564,CVE-2022-4379,CVE-2022-4662,CVE-2022-47520 JIRA References: PED-1445,PED-568,SLE-19249 Sources used: openSUSE Leap Micro 5.3 (src): kernel-rt-5.14.21-150400.15.8.1 openSUSE Leap 15.4 (src): kernel-rt-5.14.21-150400.15.8.1, kernel-rt_debug-5.14.21-150400.15.8.1, kernel-source-rt-5.14.21-150400.15.8.1, kernel-syms-rt-5.14.21-150400.15.8.1 SUSE Linux Enterprise Module for Realtime 15-SP4 (src): kernel-rt-5.14.21-150400.15.8.1, kernel-rt_debug-5.14.21-150400.15.8.1, kernel-source-rt-5.14.21-150400.15.8.1, kernel-syms-rt-5.14.21-150400.15.8.1 SUSE Linux Enterprise Module for Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_2-1-150400.1.3.1 SUSE Linux Enterprise Micro 5.3 (src): kernel-rt-5.14.21-150400.15.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0149-1: An update that solves 15 vulnerabilities, contains two features and has 37 fixes is now available. Category: security (important) Bug References: 1065729,1187428,1188605,1190969,1191259,1193629,1199294,1201068,1203219,1203740,1203829,1204614,1204652,1204760,1204911,1204989,1205257,1205263,1205485,1205496,1205601,1205695,1206073,1206098,1206101,1206188,1206209,1206273,1206344,1206389,1206390,1206391,1206393,1206394,1206395,1206396,1206397,1206398,1206399,1206456,1206468,1206515,1206536,1206554,1206602,1206619,1206664,1206703,1206794,1206896,1206912,1207016 CVE References: CVE-2022-3104,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3113,CVE-2022-3114,CVE-2022-3115,CVE-2022-3344,CVE-2022-3564,CVE-2022-4379,CVE-2022-4662,CVE-2022-47520 JIRA References: PED-1445,PED-568 Sources used: openSUSE Leap Micro 5.3 (src): kernel-default-5.14.21-150400.24.41.1, kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1 openSUSE Leap 15.4 (src): dtb-aarch64-5.14.21-150400.24.41.1, kernel-64kb-5.14.21-150400.24.41.1, kernel-debug-5.14.21-150400.24.41.1, kernel-default-5.14.21-150400.24.41.1, kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1, kernel-docs-5.14.21-150400.24.41.1, kernel-kvmsmall-5.14.21-150400.24.41.1, kernel-obs-build-5.14.21-150400.24.41.1, kernel-obs-qa-5.14.21-150400.24.41.1, kernel-source-5.14.21-150400.24.41.1, kernel-syms-5.14.21-150400.24.41.1, kernel-zfcpdump-5.14.21-150400.24.41.1 SUSE Linux Enterprise Workstation Extension 15-SP4 (src): kernel-default-5.14.21-150400.24.41.1 SUSE Linux Enterprise Module for Live Patching 15-SP4 (src): kernel-default-5.14.21-150400.24.41.1, kernel-livepatch-SLE15-SP4_Update_7-1-150400.9.3.1 SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src): kernel-default-5.14.21-150400.24.41.1 SUSE Linux Enterprise Module for Development Tools 15-SP4 (src): kernel-docs-5.14.21-150400.24.41.1, kernel-obs-build-5.14.21-150400.24.41.1, kernel-source-5.14.21-150400.24.41.1, kernel-syms-5.14.21-150400.24.41.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): kernel-64kb-5.14.21-150400.24.41.1, kernel-default-5.14.21-150400.24.41.1, kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1, kernel-source-5.14.21-150400.24.41.1, kernel-zfcpdump-5.14.21-150400.24.41.1 SUSE Linux Enterprise Micro 5.3 (src): kernel-default-5.14.21-150400.24.41.1, kernel-default-base-5.14.21-150400.24.41.1.150400.24.15.1 SUSE Linux Enterprise High Availability 15-SP4 (src): kernel-default-5.14.21-150400.24.41.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done