File _patchinfo of Package patchinfo.37758
<patchinfo incident="37758"> <issue id="1215420" tracker="bnc">VUL-0: CVE-2023-4244: kernel-source-rt,kernel-source-azure,kernel-source: netfilter: nf_tables UAF</issue> <issue id="1224700" tracker="bnc">VUL-0: CVE-2024-35949: kernel: btrfs: make sure that WRITTEN is set on all metadata blocks</issue> <issue id="1225742" tracker="bnc">VUL-0: CVE-2024-36905: kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets</issue> <issue id="1232919" tracker="bnc">VUL-0: CVE-2024-50115: kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory</issue> <issue id="1234853" tracker="bnc">VUL-0: CVE-2024-53146: kernel: NFSD: prevent a potential integer overflow</issue> <issue id="1234891" tracker="bnc">VUL-0: CVE-2024-53173: kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open()</issue> <issue id="1234963" tracker="bnc">VUL-0: CVE-2024-56539: kernel: wifi: mwifiex: fix memcpy() field-spanning write warning in mwifiex_config_scan()</issue> <issue id="1235054" tracker="bnc">VUL-0: CVE-2024-53239: kernel: ALSA: 6fire: release resources at card release</issue> <issue id="1235061" tracker="bnc">VUL-0: CVE-2024-56605: kernel: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()</issue> <issue id="1235073" tracker="bnc">VUL-0: CVE-2024-56548: kernel: hfsplus: don't query the device logical block size multiple times</issue> <issue id="1236757" tracker="bnc">net: netvsc: Update default VMBus channels</issue> <issue id="1236761" tracker="bnc">net: mana: Add get_link and get_link_ksettings in ethtool</issue> <issue id="1236821" tracker="bnc">VUL-0: CVE-2023-52924: kernel: netfilter: nf_tables: don't skip expired elements during walk</issue> <issue id="1237025" tracker="bnc">VUL-0: CVE-2025-21690: kernel: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service</issue> <issue id="1237028" tracker="bnc">VUL-0: CVE-2025-21692: kernel: net: sched: fix ets qdisc OOB Indexing</issue> <issue id="1237139" tracker="bnc">VUL-0: CVE-2025-21699: kernel: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag</issue> <issue id="1237768" tracker="bnc">VUL-0: CVE-2021-47633: kernel: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111</issue> <issue id="1238033" tracker="bnc">VUL-0: CVE-2022-49080: kernel: mm/mempolicy: fix mpol_new leak in shared_policy_replace</issue> <issue id="2021-47633" tracker="cve" /> <issue id="2022-49080" tracker="cve" /> <issue id="2023-4244" tracker="cve" /> <issue id="2023-52924" tracker="cve" /> <issue id="2024-35949" tracker="cve" /> <issue id="2024-50115" tracker="cve" /> <issue id="2024-53173" tracker="cve" /> <issue id="2024-53239" tracker="cve" /> <issue id="2024-56539" tracker="cve" /> <issue id="2024-56548" tracker="cve" /> <issue id="2024-56605" tracker="cve" /> <issue id="2025-21690" tracker="cve" /> <issue id="2025-21692" tracker="cve" /> <issue id="2025-21699" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>vliaskovitis</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47633: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (bsc#1237768). - CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033). - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). - CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025). - CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028). - CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139). The following non-security bugs were fixed: - net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761). - net: netvsc: Update default VMBus channels (bsc#1236757). - scsi: storvsc: Handle SRB status value 0x30 (git-fixes). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
