Overview

File _patchinfo of Package patchinfo.41895

<patchinfo incident="41895">
  <issue id="1249806" tracker="bnc">VUL-0: CVE-2022-50280: kernel: pnode: terminate at peers of source</issue>
  <issue id="1251786" tracker="bnc">VUL-0: CVE-2023-53676: kernel: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()</issue>
  <issue id="1252267" tracker="bnc">[Suse][STORVSC] [Backport] Backport for Linux storage driver patch for fixing performance issues</issue>
  <issue id="1252780" tracker="bnc">VUL-0: CVE-2025-40040: kernel: mm/ksm: fix flag-dropping behavior in ksm_madvise</issue>
  <issue id="1252862" tracker="bnc">VUL-0: CVE-2025-40048: kernel: uio_hv_generic: Let userspace take care of interrupt mask</issue>
  <issue id="1253367" tracker="bnc">VUL-0: CVE-2025-40121: kernel: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping</issue>
  <issue id="1253431" tracker="bnc">VUL-0: CVE-2025-40154: kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping</issue>
  <issue id="1253436" tracker="bnc">VUL-0: CVE-2025-40204: kernel: sctp: Fix MAC comparison to be constant-time</issue>
  <issue id="1252033" tracker="bnc">VUL-0: CVE-2025-39967: kernel: fbcon: fix integer overflow in fbcon_do_set_font</issue>
  <issue id="2022-50280" tracker="cve" />
  <issue id="2023-53676" tracker="cve" />
  <issue id="2025-40040" tracker="cve" />
  <issue id="2025-40048" tracker="cve" />
  <issue id="2025-40121" tracker="cve" />
  <issue id="2025-40154" tracker="cve" />
  <issue id="2025-40204" tracker="cve" />
  <issue id="2025-39967" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>alix82</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
- CVE-2025-40121: ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (bsc#1253367).
- CVE-2025-40154: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (bsc#1253431).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
- CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033)

The following non-security bugs were fixed:

- scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267).
</description>
<!-- inserted by gitlab@gitlab.suse.de:security/tools.git//home/securitybot/src/sectools/auto_maintenance.pl -->
<releasetarget project="SUSE:Updates:SLE-Product-SUSE-Manager-Server:4.3-LTS:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SUSE-Manager-Server:4.3-LTS:s390x"/>
<releasetarget project="SUSE:Updates:SLE-Product-SUSE-Manager-Server:4.3-LTS:ppc64le"/>
<releasetarget project="SUSE:Updates:SLE-Product-SUSE-Manager-Retail-Branch-Server:4.3-LTS:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SUSE-Manager-Proxy:4.3-LTS:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES_SAP:15-SP4:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES_SAP:15-SP4:ppc64le"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP4-TERADATA:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP4-LTSS:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP4-LTSS:s390x"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP4-LTSS:ppc64le"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP4-LTSS:aarch64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HPC:15-SP4-LTSS:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HPC:15-SP4-LTSS:aarch64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HPC:15-SP4-ESPOS:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HPC:15-SP4-ESPOS:aarch64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP4:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP4:s390x"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP4:ppc64le"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP4:aarch64"/>
<releasetarget project="SUSE:Updates:SLE-Micro:5.4:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Micro:5.4:s390x"/>
<releasetarget project="SUSE:Updates:SLE-Micro:5.4:aarch64"/>
<releasetarget project="SUSE:Updates:SLE-Micro:5.3:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Micro:5.3:s390x"/>
<releasetarget project="SUSE:Updates:SLE-Micro:5.3:aarch64"/>
<releasetarget project="SUSE:SLE-15-SP4:Update"/>
	<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places