Overview

File _patchinfo of Package patchinfo.28604

<patchinfo incident="28604">
  <issue id="1209687" tracker="bnc">VUL-0: CVE-2023-1611: kernel: race between quota disable and quota assign ioctls in fs/btrfs/ioctl.c</issue>
  <issue id="1210203" tracker="bnc">VUL-0: CVE-2023-1838: kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend()</issue>
  <issue id="2023-1611" tracker="cve" />
  <issue id="2023-1838" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>olh</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2023-1611: Fixed an use-after-free flaw in btrfs_search_slot (bsc#1209687).
- CVE-2023-1838: Fixed an use-after-free flaw in virtio network subcomponent. This flaw could allow a local attacker to crash the system and lead to a kernel information leak problem. (bsc#1210203).

The following non-security bugs were fixed:

- alarmtimer: Prevent starvation by small intervals and SIG_IGN (git-fixes)
- ALSA: asihpi: check pao in control_message() (git-fixes).
- ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo X370SNW (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds (git-fixes).
- can: isotp: isotp_ops: fix poll() to not report false EPOLLOUT events (git-fixes).
- can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access (git-fixes).
- cifs: double lock in cifs_reconnect_tcon() (git-fixes).
- clocksource/drivers/mediatek: Optimize systimer irq clear flow on shutdown (git-fixes).
- drm/amd/display: Add DSC Support for Synaptics Cascaded MST Hub (git-fixes).
- drm/etnaviv: fix reference leak when mmaping imported buffer (git-fixes).
- drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path (git-fixes).
- dt-bindings: serial: renesas,scif: Fix 4th IRQ for 4-IRQ SCIFs (git-fixes).
- fbdev: au1200fb: Fix potential divide by zero (git-fixes).
- fbdev: intelfb: Fix potential divide by zero (git-fixes).
- fbdev: lxfb: Fix potential divide by zero (git-fixes).
- fbdev: nvidia: Fix potential divide by zero (git-fixes).
- fbdev: tgafb: Fix potential divide by zero (git-fixes).
- ftrace: Fix issue that 'direct->addr' not restored in modify_ftrace_direct() (git-fixes).
- ftrace: Mark get_lock_parent_ip() __always_inline (git-fixes).
- gpio: davinci: Add irq chip flag to skip set wake (git-fixes).
- gpio: GPIO_REGMAP: select REGMAP instead of depending on it (git-fixes).
- iio: adc: ad7791: fix IRQ flags (git-fixes).
- iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip (git-fixes).
- iio: adis16480: select CONFIG_CRC32 (git-fixes).
- iio: dac: cio-dac: Fix max DAC write value check for 12-bit (git-fixes).
- iio: light: cm32181: Unregister second I2C client if present (git-fixes).
- Input: focaltech - use explicitly signed char type (git-fixes).
- Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table (git-fixes).
- kABI workaround for xhci (git-fixes).
- mm: mmap: remove newline at the end of the trace (git-fixes).
- mtd: rawnand: meson: fix bitmask for length in command word (git-fixes).
- mtd: rawnand: stm32_fmc2: remove unsupported EDO mode (git-fixes).
- mtd: rawnand: stm32_fmc2: use timings.mode instead of checking tRC_min (git-fixes).
- mtdblock: tolerate corrected bit-flips (git-fixes).
- nilfs2: fix sysfs interface lifetime (git-fixes).
- platform/x86: think-lmi: Clean up display of current_value on Thinkstation (git-fixes).
- platform/x86: think-lmi: Fix memory leak when showing current settings (git-fixes).
- platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings (git-fixes).
- pwm: cros-ec: Explicitly set .polarity in .get_state() (git-fixes).
- pwm: sprd: Explicitly set .polarity in .get_state() (git-fixes).
- rcu: Fix rcu_torture_read ftrace event (git-fixes).
- ring-buffer: Fix race while reader and writer are on the same page (git-fixes).
- timers: Prevent union confusion from unexpected (git-fixes)
- tracing: Add trace_array_puts() to write into instance (git-fixes).
- tracing: Fix wrong return in kprobe_event_gen_test.c (git-fixes).
- tracing: Free error logs of tracing instances (git-fixes).
- tracing: Have tracing_snapshot_instance_cond() write errors to the appropriate instance (git-fixes).
- tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty (git-fixes).
- tty: serial: sh-sci: Fix Rx on RZ/G2L SCI (git-fixes).
- tty: serial: sh-sci: Fix transmit end interrupt handler (git-fixes).
- usb: cdnsp: Fixes error: uninitialized symbol 'len' (git-fixes).
- usb: typec: altmodes/displayport: Fix configure initial pin assignment (git-fixes).
- usb: ucsi: Fix ucsi->connector race (git-fixes).
- usb: xhci: tegra: fix sleep in atomic call (git-fixes).
- wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (git-fixes).
- wireguard: ratelimiter: use hrtimer in selftest (git-fixes)
- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (git-fixes).
- xhci: Free the command allocated for setting LPM if we return early (git-fixes).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places