File _patchinfo of Package patchinfo.35918
<patchinfo incident="35918">
<issue id="1185988" tracker="bnc">VUL-0: kernel-source: oops in mq_timedsend()</issue>
<issue id="1220826" tracker="bnc">VUL-0: CVE-2021-47069: kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry</issue>
<issue id="1226145" tracker="bnc">VUL-0: CVE-2024-36971: kernel: fix __dst_negative_advice() race</issue>
<issue id="1227487" tracker="bnc">powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()</issue>
<issue id="1228466" tracker="bnc">VUL-0: CVE-2024-41087: kernel: ata: libata-core: Fix double free on error</issue>
<issue id="1229633" tracker="bnc">VUL-0: CVE-2022-48911: kernel: netfilter: nf_queue: fix possible use-after-free</issue>
<issue id="1230015" tracker="bnc">VUL-0: CVE-2024-44946: kernel: kcm: Serialise kcm_sendmsg() for the same socket.</issue>
<issue id="1230245" tracker="bnc">VUL-0: CVE-2024-45003: kernel: vfs: Don't evict inode under the inode lru traversing context</issue>
<issue id="1230326" tracker="bnc">ext4: xfstests ext4/058 BUG and ext4/059 OOPS</issue>
<issue id="1230398" tracker="bnc">VUL-0: CVE-2022-48945: kernel: v4l: vivid: unprivileged user can cause an unchecked pointer to the heap to be followed abusing V4L2_SEL_TGT_CROP</issue>
<issue id="1230434" tracker="bnc">VUL-0: CVE-2024-45021: kernel: memcg_write_event_control(): fix a user-triggerable oops</issue>
<issue id="1230519" tracker="bnc">VUL-0: CVE-2024-46695: kernel: selinux,smack: don't bypass permissions check in inode_setsecctx hook</issue>
<issue id="1230767" tracker="bnc">VUL-0: CVE-2024-46774: kernel: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()</issue>
<issue id="2021-47069" tracker="cve" />
<issue id="2022-48911" tracker="cve" />
<issue id="2022-48945" tracker="cve" />
<issue id="2024-36971" tracker="cve" />
<issue id="2024-41087" tracker="cve" />
<issue id="2024-44946" tracker="cve" />
<issue id="2024-45003" tracker="cve" />
<issue id="2024-45021" tracker="cve" />
<issue id="2024-46695" tracker="cve" />
<issue id="2024-46774" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>jdelvare</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633).
- CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-41087: Fix double free on error (bsc#1228466).
- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
- CVE-2024-46695: selinux,smack: do not bypass permissions check in inode_setsecctx hook (bsc#1230519).
The following non-security bugs were fixed:
- Revert "ext4: consolidate checks for resize of bigalloc into ext4_resize_begin" (bsc#1230326).
- ext4: add check to prevent attempting to resize an fs with sparse_super2 (bsc#1230326).
- ext4: add reserved GDT blocks check (bsc#1230326).
- ext4: consolidate checks for resize of bigalloc into ext4_resize_begin (bsc#1230326).
- ext4: fix bug_on ext4_mb_use_inode_pa (bsc#1230326).
- kabi: add __nf_queue_get_refs() for kabi compliance.
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>