Overview

File _patchinfo of Package patchinfo.37761

<patchinfo incident="37761">
  <issue id="1208995" tracker="bnc">VUL-0: CVE-2023-1192: kernel: use-after-free in smb2_is_status_io_timeout()</issue>
  <issue id="1220946" tracker="bnc">VUL-0: CVE-2023-52572: kernel: cifs: Fix UAF in cifs_demultiplex_thread()</issue>
  <issue id="1224700" tracker="bnc">VUL-0: CVE-2024-35949: kernel: btrfs: make sure that WRITTEN is set on all metadata blocks</issue>
  <issue id="1225742" tracker="bnc">VUL-0: CVE-2024-36905: kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets</issue>
  <issue id="1232905" tracker="bnc">VUL-0: CVE-2024-50128: kernel: net: wwan: fix global oob in wwan_rtnl_policy</issue>
  <issue id="1232919" tracker="bnc">VUL-0: CVE-2024-50115: kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory</issue>
  <issue id="1234154" tracker="bnc">VUL-0: CVE-2024-53135: kernel: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN</issue>
  <issue id="1234853" tracker="bnc">VUL-0: CVE-2024-53146: kernel: NFSD: prevent a potential integer overflow</issue>
  <issue id="1234891" tracker="bnc">VUL-0: CVE-2024-53173: kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open()</issue>
  <issue id="1234963" tracker="bnc">VUL-0: CVE-2024-56539: kernel: wifi: mwifiex: fix memcpy() field-spanning write warning in mwifiex_config_scan()</issue>
  <issue id="1235054" tracker="bnc">VUL-0: CVE-2024-53239: kernel: ALSA: 6fire: release resources at card release</issue>
  <issue id="1235061" tracker="bnc">VUL-0: CVE-2024-56605: kernel: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()</issue>
  <issue id="1235073" tracker="bnc">VUL-0: CVE-2024-56548: kernel: hfsplus: don't query the device logical block size multiple times</issue>
  <issue id="1236661" tracker="bnc">idpf: fix the missing call to set_real_num_queues in the link up flows</issue>
  <issue id="1236675" tracker="bnc">KVM guest running docker workloads freezes - ref:_00D1igLOd._500TrIYlez:ref</issue>
  <issue id="1236677" tracker="bnc">VUL-0: CVE-2024-57948: kernel: mac802154: check local interfaces before deleting sdata list</issue>
  <issue id="1236757" tracker="bnc">net: netvsc: Update default VMBus channels</issue>
  <issue id="1236758" tracker="bnc">net: mana: Enable debugfs files for MANA device</issue>
  <issue id="1236760" tracker="bnc">net: mana: Cleanup "mana" debugfs dir after cleanup of all children</issue>
  <issue id="1236761" tracker="bnc">net: mana: Add get_link and get_link_ksettings in ethtool</issue>
  <issue id="1237025" tracker="bnc">VUL-0: CVE-2025-21690: kernel: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service</issue>
  <issue id="1237028" tracker="bnc">VUL-0: CVE-2025-21692: kernel: net: sched: fix ets qdisc OOB Indexing</issue>
  <issue id="1237139" tracker="bnc">VUL-0: CVE-2025-21699: kernel: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag</issue>
  <issue id="1237316" tracker="bnc">IDPF kdump bug</issue>
  <issue id="1237693" tracker="bnc">Backport 5.15 stable patch to address IDPF timeout</issue>
  <issue id="1238033" tracker="bnc">VUL-0: CVE-2022-49080: kernel: mm/mempolicy: fix mpol_new leak in shared_policy_replace</issue>
  <issue id="2022-49080" tracker="cve" />
  <issue id="2023-1192" tracker="cve" />
  <issue id="2023-52572" tracker="cve" />
  <issue id="2024-35949" tracker="cve" />
  <issue id="2024-50115" tracker="cve" />
  <issue id="2024-50128" tracker="cve" />
  <issue id="2024-53135" tracker="cve" />
  <issue id="2024-53173" tracker="cve" />
  <issue id="2024-53239" tracker="cve" />
  <issue id="2024-56539" tracker="cve" />
  <issue id="2024-56548" tracker="cve" />
  <issue id="2024-56605" tracker="cve" />
  <issue id="2024-57948" tracker="cve" />
  <issue id="2025-21690" tracker="cve" />
  <issue id="2025-21692" tracker="cve" />
  <issue id="2025-21699" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>alix82</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-57948: mac802154: check local interfaces before deleting sdata list (bsc#1236677).
- CVE-2025-21690: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (bsc#1237025).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139).

The following non-security bugs were fixed:

- idpf: call set_real_num_queues in idpf_open (bsc#1236661 bsc#1237316).
- ipv4/tcp: do not use per netns ctl sockets (bsc#1237693).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- scsi: storvsc: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (git-fixes).
- x86/kvm: fix is_stale_page_fault() (bsc#1236675).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
</description>
	<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places