File _patchinfo of Package patchinfo.35217
<patchinfo incident="35217"> <issue id="1065729" tracker="bnc">[trackerbug] 4.12 powerpc base kernel fixes</issue> <issue id="1179610" tracker="bnc">VUL-0: CVE-2020-26558: kernel-source: Multiple Bluetooth Core Specification Vulnerabilities</issue> <issue id="1186463" tracker="bnc">VUL-0: CVE-2021-0129,CVE-2020-26558: kernel-source, bluez: vulnerabilities with bluetooth subsystem (INTEL-SA-00517)</issue> <issue id="1216834" tracker="bnc">L3: System crashing intermittent with OCFS2</issue> <issue id="1218820" tracker="bnc">L3-Question: vmware esxi8 uefi secure boot blacklist: Problem with revocation key (-74)</issue> <issue id="1220185" tracker="bnc">VUL-0: CVE-2024-26583: kernel: tls: fix race between async notify and socket close</issue> <issue id="1220186" tracker="bnc">VUL-0: CVE-2024-26584: kernel: net: tls: handle backlogging of crypto requests</issue> <issue id="1220187" tracker="bnc">VUL-0: CVE-2024-26585: kernel-source,kernel-source-azure,kernel-source-rt: tls: race condition between tx work scheduling and socket close</issue> <issue id="1221539" tracker="bnc">VUL-0: CVE-2021-47126: kernel: ipv6: slab-out-of-bounds read in fib6_nh_flush_exceptions()</issue> <issue id="1222824" tracker="bnc">VUL-0: CVE-2021-47219: kernel: scsi: scsi_debug: out-of-bound read in resp_report_tgtpgs()</issue> <issue id="1224682" tracker="bnc">VUL-0: CVE-2023-52686: kernel: powerpc/powernv: Add a null pointer check in opal_event_init()</issue> <issue id="1224918" tracker="bnc">VUL-0: CVE-2021-47291: kernel: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions</issue> <issue id="1225404" tracker="bnc">VUL-0: CVE-2021-47506: kernel: nfsd: fix use-after-free due to delegation race</issue> <issue id="1225431" tracker="bnc">VUL-0: CVE-2021-47520: kernel: can: pch_can: pch_can_rx_normal: fix use after free</issue> <issue id="1226519" tracker="bnc">VUL-0: CVE-2024-36974: kernel: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP</issue> <issue id="1226550" tracker="bnc">VUL-0: CVE-2021-47580: kernel: scsi: scsi_debug: Fix type in min_t to avoid stack OOB</issue> <issue id="1226574" tracker="bnc">VUL-0: CVE-2021-47598: kernel: sch_cake: do not call cake_destroy() from cake_init()</issue> <issue id="1226575" tracker="bnc">VUL-0: CVE-2021-47600: kernel: dm btree remove: fix use after free in rebalance_children()</issue> <issue id="1226666" tracker="bnc">ASR signed driver does not load on SUSE</issue> <issue id="1226758" tracker="bnc">VUL-0: CVE-2024-38610: kernel: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()</issue> <issue id="1226785" tracker="bnc">VUL-0: CVE-2024-38559: kernel: scsi: qedf: ensure the copied buf is NUL terminated</issue> <issue id="1227213" tracker="bnc">WARNING: CPU: 6 PID: 2464 at ../drivers/gpu/drm/drm_gem.c:1032 drm_gem_object_put+0x5f/0x70 [drm]</issue> <issue id="1227487" tracker="bnc">powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()</issue> <issue id="1227716" tracker="bnc">VUL-0: CVE-2024-39494: kernel: ima: fix use-after-free on a dentry's dname.name</issue> <issue id="1227750" tracker="bnc">VUL-0: CVE-2023-52885: kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready()</issue> <issue id="1227836" tracker="bnc">VUL-0: CVE-2024-40937: kernel: gve: clear napi->skb before dev_kfree_skb_any()</issue> <issue id="1227976" tracker="bnc">VUL-0: CVE-2022-48821: kernel: misc: fastrpc: avoid double fput() on failed usercopy</issue> <issue id="1228013" tracker="bnc">VUL-0: CVE-2022-48792: kernel: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task</issue> <issue id="1228114" tracker="bnc">VUL-0: CVE-2024-41011: kernel: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages</issue> <issue id="1228328" tracker="bnc">VUL-0: CVE-2024-41090: kernel: virtio-net: tap: mlx5_core short frame denial of service</issue> <issue id="1228561" tracker="bnc">VUL-0: CVE-2024-41059: kernel: hfsplus: fix uninit-value in copy_name</issue> <issue id="1228644" tracker="bnc">VUL-0: CVE-2024-41069: kernel: ASoC: topology: fix references to freed memory</issue> <issue id="1228743" tracker="bnc">VUL-0: CVE-2024-42145: kernel: IB/core: implement a limit on UMAD receive List</issue> <issue id="2023-52686" tracker="cve" /> <issue id="2024-38559" tracker="cve" /> <issue id="2024-39494" tracker="cve" /> <issue id="2024-41069" tracker="cve" /> <issue id="2024-42145" tracker="cve" /> <issue id="2024-41059" tracker="cve" /> <issue id="2023-52885" tracker="cve" /> <issue id="2022-48792" tracker="cve" /> <issue id="2024-41090" tracker="cve" /> <issue id="2021-47291" tracker="cve" /> <issue id="2021-47126" tracker="cve" /> <issue id="2024-41011" tracker="cve" /> <issue id="2021-47598" tracker="cve" /> <issue id="2021-47580" tracker="cve" /> <issue id="2021-47219" tracker="cve" /> <issue id="2024-40937" tracker="cve" /> <issue id="2021-0129" tracker="cve" /> <issue id="2020-26558" tracker="cve" /> <issue id="2022-48821" tracker="cve" /> <issue id="2021-47506" tracker="cve" /> <issue id="2021-47520" tracker="cve" /> <issue id="2024-26583" tracker="cve" /> <issue id="2024-26584" tracker="cve" /> <issue id="2024-26585" tracker="cve" /> <issue id="2021-47600" tracker="cve" /> <issue id="2024-36974" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>jdelvare</packager> <reboot_needed/> <description>The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716). - CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644). - CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743). - CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561). - CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (bsc#1227750). - CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228013). - CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328). - CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1224918). - CVE-2021-47126: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions (bsc#1221539). - CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114). - CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574). - CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550). - CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (bsc#1222824). - CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836). - CVE-2021-0129: Improper access control in BlueZ may have allowed an authenticated user to potentially enable information disclosure via adjacent access (bsc#1186463). - CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (bsc#1179610). - CVE-2022-48821: misc: fastrpc: avoid double fput() on failed usercopy (bsc#1227976). - CVE-2021-47506: nfsd: fix use-after-free due to delegation race (bsc#1225404). - CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431). - CVE-2024-26583: tls: fix use-after-free on failed backlog decryption (bsc#1220185). - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). - CVE-2021-47600: dm btree remove: fix use after free in rebalance_children() (bsc#1226575). - CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519). The following non-security bugs were fixed: - Fix spurious WARNING caused by a qxl driver patch (bsc#1227213) - X.509: Fix the parser of extended key usage for length (bsc#1218820 bsc#1226666). - ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834). - powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487). - powerpc/rtas: clean up includes (bsc#1227487). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
