Overview

File _patchinfo of Package patchinfo.41866

<patchinfo incident="41866">
  <issue id="1249806" tracker="bnc">VUL-0: CVE-2022-50280: kernel: pnode: terminate at peers of source</issue>
  <issue id="1251786" tracker="bnc">VUL-0: CVE-2023-53676: kernel: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()</issue>
  <issue id="1252560" tracker="bnc">VUL-0: CVE-2023-53717: kernel: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()</issue>
  <issue id="1252780" tracker="bnc">VUL-0: CVE-2025-40040: kernel: mm/ksm: fix flag-dropping behavior in ksm_madvise</issue>
  <issue id="1253367" tracker="bnc">VUL-0: CVE-2025-40121: kernel: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping</issue>
  <issue id="1253431" tracker="bnc">VUL-0: CVE-2025-40154: kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping</issue>
  <issue id="1253436" tracker="bnc">VUL-0: CVE-2025-40204: kernel: sctp: Fix MAC comparison to be constant-time</issue>
  <issue id="2022-50280" tracker="cve" />
  <issue id="2023-53676" tracker="cve" />
  <issue id="2023-53717" tracker="cve" />
  <issue id="2025-40040" tracker="cve" />
  <issue id="2025-40121" tracker="cve" />
  <issue id="2025-40154" tracker="cve" />
  <issue id="2025-40204" tracker="cve" />
  <issue id="PED-14062" tracker="jsc" />
  <category>security</category>
  <rating>important</rating>
  <packager>jdelvare</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2023-53717: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() (bsc#1252560).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (bsc#1253367).
- CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (bsc#1253431).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).

The following non-security bugs were fixed:

- Disable the cpu5wdt driver (jsc#PED-14062).
</description>
        <summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places