Overview

File _patchinfo of Package patchinfo.36775

<patchinfo incident="36775">
  <issue id="1218644" tracker="bnc">kernel/livepatching: Add klp-convert</issue>
  <issue id="1220927" tracker="bnc">VUL-0: CVE-2023-52524: kernel: net: nfc: llcp: Add lock when modifying device list</issue>
  <issue id="1232224" tracker="bnc">VUL-0: CVE-2024-49925: kernel: fbdev: efifb: register sysfs groups through driver core</issue>
  <issue id="1232436" tracker="bnc">VUL-0: CVE-2024-53142: kernel: malformed cpio entry may leak early-boot memory contents</issue>
  <issue id="1232860" tracker="bnc">VUL-0: CVE-2024-50089: kernel: unicode: Don't special case ignorable code points</issue>
  <issue id="1232907" tracker="bnc">VUL-0: CVE-2024-50127: kernel: net: sched: fix use-after-free in taprio_change()</issue>
  <issue id="1232919" tracker="bnc">VUL-0: CVE-2024-50115: kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory</issue>
  <issue id="1232928" tracker="bnc">VUL-0: CVE-2024-50125: kernel: Bluetooth: SCO: Fix UAF on sco_sock_timeout</issue>
  <issue id="1233070" tracker="bnc">VUL-0: CVE-2024-50154: kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().</issue>
  <issue id="1233117" tracker="bnc">VUL-0: CVE-2024-50208: kernel: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages</issue>
  <issue id="1233293" tracker="bnc">VUL-0: CVE-2024-50205: kernel: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()</issue>
  <issue id="1233453" tracker="bnc">VUL-0: CVE-2024-50264: kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-&gt;trans</issue>
  <issue id="1233456" tracker="bnc">VUL-0: CVE-2024-50267: kernel: USB: serial: io_edgeport: fix use after free in debug printk</issue>
  <issue id="1233468" tracker="bnc">VUL-0: CVE-2024-50279: kernel: dm cache: fix out-of-bounds access to the dirty bitset when resizing</issue>
  <issue id="1233479" tracker="bnc">VUL-0: CVE-2024-50290: kernel: media: cx24116: prevent overflows on SNR calculus</issue>
  <issue id="1233490" tracker="bnc">VUL-0: CVE-2024-50301: kernel: security/keys: fix slab-out-of-bounds in key_task_permission</issue>
  <issue id="1233491" tracker="bnc">VUL-0: CVE-2024-50302: kernel: HID: core: zero-initialize the report buffer</issue>
  <issue id="1233555" tracker="bnc">VUL-0: CVE-2024-53061: kernel: media: s5p-jpeg: prevent buffer overflows</issue>
  <issue id="1233557" tracker="bnc">VUL-0: CVE-2024-53063: kernel: media: dvbdev: prevent the risk of out of memory access</issue>
  <issue id="2023-52524" tracker="cve" />
  <issue id="2024-49925" tracker="cve" />
  <issue id="2024-50089" tracker="cve" />
  <issue id="2024-50115" tracker="cve" />
  <issue id="2024-50125" tracker="cve" />
  <issue id="2024-50127" tracker="cve" />
  <issue id="2024-50154" tracker="cve" />
  <issue id="2024-50205" tracker="cve" />
  <issue id="2024-50208" tracker="cve" />
  <issue id="2024-50264" tracker="cve" />
  <issue id="2024-50267" tracker="cve" />
  <issue id="2024-50279" tracker="cve" />
  <issue id="2024-50290" tracker="cve" />
  <issue id="2024-50301" tracker="cve" />
  <issue id="2024-50302" tracker="cve" />
  <issue id="2024-53061" tracker="cve" />
  <issue id="2024-53063" tracker="cve" />
  <issue id="2024-53142" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jdelvare</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293).
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).

The following non-security bugs were fixed:

- Update config files (bsc#1218644).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
</description>
	<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places