Overview

File _patchinfo of Package patchinfo.37116

<patchinfo incident="37116">
  <issue id="1135481" tracker="bnc">xfstests generic/371 failed on 4.12.14-195-default in btrfs</issue>
  <issue id="1170891" tracker="bnc">[openQA][blktests][loop/001] test fails for PowerVM and x86_64</issue>
  <issue id="1171420" tracker="bnc">VUL-1: CVE-2020-12770: kernel-source: An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.</issue>
  <issue id="1173139" tracker="bnc">SLES 15 SP2 GMC - IOCTL BLKRRPART broken - patch missing</issue>
  <issue id="1175543" tracker="bnc">kvm guest network communication degraded after host upgrade to SLE15 SP1</issue>
  <issue id="1181006" tracker="bnc">Updated mpt3sas driver does not work with IBM TS4300 (3573-TL) and xen pci-passthrough</issue>
  <issue id="1185010" tracker="bnc">NXP i.MX8MM missing kernel modules in initrd</issue>
  <issue id="1187211" tracker="bnc">Error reported in /var/log/messages when expanding the NVMe/TCP LUN size on PowerMax</issue>
  <issue id="1187619" tracker="bnc">Swapoff /swap_file takes long time after resuming from Hibernate</issue>
  <issue id="1188412" tracker="bnc">SLES 15 SP3 - NVMe/RoCE CX-4 unable to ping target after reconnecting cable upon host reboot</issue>
  <issue id="1188616" tracker="bnc">Pull the latest changes submitted to libfc.</issue>
  <issue id="1188700" tracker="bnc">Black screen when booting OS with Comet Lake based Pentium/Tatlow platform.</issue>
  <issue id="1188983" tracker="bnc">VUL-0: CVE-2021-34556: kernel-source-rt,kernel-source,kernel-source-azure: An attacker can perform speculative load from arbitrary memory location, if he can control the content of a unsanitized memory before running a BPF program</issue>
  <issue id="1188985" tracker="bnc">VUL-0: CVE-2021-35477: kernel-source-rt,kernel-source-azure,kernel-source: Preempting store is incorrectly assumed to complete "fast" as it only depends on the BPF stack frame pointer which can be abused to disclose content of arbitrary kernel memory</issue>
  <issue id="1189760" tracker="bnc">NFSoRDMA client incorrectly handles requests against non RFC 8797 capable servers</issue>
  <issue id="1189762" tracker="bnc">Kernel 5.3.18-57/59 stuck in early boot on AMD hardware, iommu=soft helps</issue>
  <issue id="1189870" tracker="bnc">SLES NFS client cannot create+write together after update to SLES 15 SP3</issue>
  <issue id="1189872" tracker="bnc">[SLE15 SP3] mm: fix memory_failure() handling of dax-namespace metadata</issue>
  <issue id="1190117" tracker="bnc">VUL-0: CVE-2021-38160: kernel-source,kernel-source-rt,kernel-source-azure: data corruption or loss can be triggered by an untrusted device that supplies a buf-&gt;len value exceeding the buffer size in drivers/char/virtio_console.c</issue>
  <issue id="1190131" tracker="bnc">cgroup: verify that source is a string</issue>
  <issue id="1190181" tracker="bnc">cgroup1: fix leaked context root causing sporadic NULL deref in LTP</issue>
  <issue id="1190358" tracker="bnc">kernel-azure fails to build in update project</issue>
  <issue id="1190412" tracker="bnc">after update to kernel-default-5.3.18-lp152.87.1.x86_64 machine can't power off</issue>
  <issue id="1190428" tracker="bnc">kernel -extra subpackage contains no modules</issue>
  <issue id="1203332" tracker="bnc">VUL-0: CVE-2022-36280: kernel: out-of-bounds memory access vulnerability found in vmwgfx driver</issue>
  <issue id="1205521" tracker="bnc">fstests btrfs/262 fails</issue>
  <issue id="1209288" tracker="bnc">VUL-0: CVE-2023-1382: kernel: denial of service in tipc_conn_close</issue>
  <issue id="1209798" tracker="bnc">kernel-default build failed due to missing(?) build-id</issue>
  <issue id="1211593" tracker="bnc">VUL-0: CVE-2023-33951: kernel-source,kernel-source-rt,kernel-source-azure: Linux Kernel vmwgfx Driver Race Condition Information Disclosure Vulnerability</issue>
  <issue id="1211595" tracker="bnc">VUL-0: CVE-2023-33952: kernel-source-rt,kernel-source,kernel-source-azure: Linux Kernel vmwgfx Driver Double Free Local Privilege Escalation Vulnerability</issue>
  <issue id="1215304" tracker="bnc">VUL-0: kernel: buffer overflow in s5p_cec_irq_handler</issue>
  <issue id="1216813" tracker="bnc">L3: 'unregister_netdevice: waiting for lo to become free. Usage count = 2' on busy container hosts [ref:_00D1igLOd._5005qYD2yg:ref]</issue>
  <issue id="1216909" tracker="bnc">Memory Allocation Failure is Not Checked in the XFS, Causing NULL Dereference</issue>
  <issue id="1219608" tracker="bnc">VUL-0: CVE-2024-24860: kernel-source,kernel-source-azure,kernel-source-rt: race condition in {min,max}_key_size_set() can lead to a kernel panic</issue>
  <issue id="1222878" tracker="bnc">VUL-0: CVE-2021-47202: kernel: thermal: NULL pointer dereferences in of_thermal_ functions</issue>
  <issue id="1223044" tracker="bnc">VUL-0: CVE-2024-26886: kernel: Bluetooth: af_bluetooth: Fix deadlock</issue>
  <issue id="1225758" tracker="bnc">VUL-0: CVE-2024-36915: kernel: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies</issue>
  <issue id="1225820" tracker="bnc">VUL-0: CVE-2024-36924: kernel: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()</issue>
  <issue id="1226694" tracker="bnc">VUL-0: CVE-2022-48742: kernel: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()</issue>
  <issue id="1228190" tracker="bnc">libceph: fix race between delayed_work() and ceph_monc_stop()</issue>
  <issue id="1229809" tracker="bnc">VUL-0: CVE-2024-44934: kernel: net: bridge: mcast: wait for previous gc cycles when removing port</issue>
  <issue id="1230422" tracker="bnc">Grace: Seeing stack trace with mlx5_core with kernel 5.14.21-150500.55.73</issue>
  <issue id="1230697" tracker="bnc">VUL-0: CVE-2024-8805: kernel: BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability</issue>
  <issue id="1231388" tracker="bnc">kernel: net/mlx5: devlink_param register/driverinit/set_features issues</issue>
  <issue id="1231453" tracker="bnc">VUL-0: CVE-2024-47666: kernel: scsi: pm80xx: Set phy-&gt;enable_completion only when we wait for it</issue>
  <issue id="1231854" tracker="bnc">VUL-0: CVE-2024-47678: kernel: icmp: change the order of rate limits</issue>
  <issue id="1232045" tracker="bnc">VUL-0: CVE-2022-49033: kernel: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()</issue>
  <issue id="1232157" tracker="bnc">VUL-0: CVE-2024-49952: kernel: netfilter: nf_tables: prevent nf_skb_duplicated corruption</issue>
  <issue id="1232166" tracker="bnc">VUL-0: CVE-2024-49944: kernel: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start</issue>
  <issue id="1232419" tracker="bnc">VUL-0: REJECTED: CVE-2024-50018: kernel: net: napi: Prevent overflow of napi_defer_hard_irqs</issue>
  <issue id="1232436" tracker="bnc">VUL-0: CVE-2024-53142: kernel: malformed cpio entry may leak early-boot memory contents</issue>
  <issue id="1232472" tracker="bnc">nfsd: inode locked twice during operation. And users unable to access NFS share  - ref:_00D1igLOd._500TrLPTxC:ref</issue>
  <issue id="1232823" tracker="bnc">VUL-0: CVE-2023-52920: kernel: bpf: support non-r10 register spill/fill to/from stack in precision tracking</issue>
  <issue id="1233038" tracker="bnc">VUL-0: CVE-2024-50143: kernel: udf: fix uninit-value use in udf_get_fileshortad</issue>
  <issue id="1233050" tracker="bnc">VUL-0: CVE-2024-50166: kernel: fsl/fman: Fix refcount handling of fman-related devices</issue>
  <issue id="1233070" tracker="bnc">VUL-0: CVE-2024-50154: kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().</issue>
  <issue id="1233096" tracker="bnc">VUL-0: CVE-2024-50211: kernel: udf: refactor inode_bmap() to handle error</issue>
  <issue id="1233127" tracker="bnc">VUL-0: CVE-2024-50181: kernel: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D</issue>
  <issue id="1233200" tracker="bnc">VUL-0: CVE-2024-50256: kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()</issue>
  <issue id="1233239" tracker="bnc">VUL-0: CVE-2024-50262: kernel: bpf: fix out-of-bounds write in trie_get_next_key()</issue>
  <issue id="1233324" tracker="bnc">VUL-0: CVE-2024-50202: kernel: nilfs2: propagate directory read errors from nilfs_find_entry()</issue>
  <issue id="1233467" tracker="bnc">VUL-0: CVE-2024-50278: kernel: dm cache: fix potential out-of-bounds access on the first resume</issue>
  <issue id="1233468" tracker="bnc">VUL-0: CVE-2024-50279: kernel: dm cache: fix out-of-bounds access to the dirty bitset when resizing</issue>
  <issue id="1233469" tracker="bnc">VUL-0: CVE-2024-50280: kernel: dm cache: fix flushing uninitialized delayed_work on cache_ctr error</issue>
  <issue id="1233485" tracker="bnc">VUL-0: CVE-2024-50296: kernel: net: hns3: fix kernel crash when uninstalling driver</issue>
  <issue id="1233547" tracker="bnc">VUL-0: CVE-2024-53051: kernel: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability</issue>
  <issue id="1233550" tracker="bnc">VUL-0: CVE-2024-53055: kernel: wifi: iwlwifi: mvm: fix 6 GHz scan construction</issue>
  <issue id="1233558" tracker="bnc">VUL-0: CVE-2024-53064: kernel: idpf: fix idpf_vc_core_init error path</issue>
  <issue id="1233564" tracker="bnc">VUL-0: CVE-2024-53072: kernel: platform/x86/amd/pmc: Detect when STB is not available</issue>
  <issue id="1233568" tracker="bnc">VUL-0: CVE-2024-53056: kernel: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy()</issue>
  <issue id="1233637" tracker="bnc">VUL-0: CVE-2024-53090: kernel: afs: Fix lock recursion</issue>
  <issue id="1233701" tracker="bnc">L3Q: Customer suffers from "kernel: fh_lock: /bin already locked!" warnings after upgrade to 15 SP5</issue>
  <issue id="1233769" tracker="bnc">VUL-0: CVE-2024-53101: kernel: fs: fix uninitialized value issue in from_kuid and from_kgid</issue>
  <issue id="1233837" tracker="bnc">L3: nfs restart stuck - exportfs process hangs on the expkey_flush function</issue>
  <issue id="1234072" tracker="bnc">VUL-0: CVE-2024-53114: kernel: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client</issue>
  <issue id="1234073" tracker="bnc">VUL-0: CVE-2024-53119: kernel: virtio/vsock: Fix accept_queue memory leak</issue>
  <issue id="1234075" tracker="bnc">VUL-0: CVE-2024-53120: kernel: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow</issue>
  <issue id="1234076" tracker="bnc">VUL-0: CVE-2024-53122: kernel: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust</issue>
  <issue id="1234077" tracker="bnc">VUL-0: CVE-2024-53113: kernel: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof</issue>
  <issue id="1234087" tracker="bnc">VUL-0: CVE-2024-53112: kernel: ocfs2: uncache inode which has failed entering the group</issue>
  <issue id="1234120" tracker="bnc">reset PG_slab and memcg_data before freeing __kfence_pool</issue>
  <issue id="1234156" tracker="bnc">VUL-0: CVE-2024-53125: kernel: bpf: sync_linked_regs() must preserve subreg_def</issue>
  <issue id="1234219" tracker="bnc">VUL-0: CVE-2024-53130: kernel: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint</issue>
  <issue id="1234220" tracker="bnc">VUL-0: CVE-2024-53131: kernel: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint</issue>
  <issue id="1234240" tracker="bnc">[PATCH] udf: refactor udf_current_aext() to handle error</issue>
  <issue id="1234241" tracker="bnc">[PATCH] udf: refactor udf_next_aext() to handle error</issue>
  <issue id="1234281" tracker="bnc">VUL-0: CVE-2024-53240: xen: XSA-465: Backend can crash Linux netfront</issue>
  <issue id="1234282" tracker="bnc">VUL-0: CVE-2024-53241: xen: XSA-466: Xen hypercall page unsafe against speculative attacks</issue>
  <issue id="1234294" tracker="bnc">Backport Nvidia Grace: ACPI/HMAT: Move HMAT messages to pr_debug()</issue>
  <issue id="1234338" tracker="bnc">[HPE][TPM] The tpm_tis_spi driver probe failed.</issue>
  <issue id="1234357" tracker="bnc">Request: pull upstream patch for "dmaengine: idxd: Check for driver name match before sva user feature" into SLES15 sp6 and sp5</issue>
  <issue id="1234437" tracker="bnc">[PATCH] udf: Handle error when adding extent to a file</issue>
  <issue id="1234464" tracker="bnc">Partner-L3: IDPF - Possible crashes on reset fixed upstream</issue>
  <issue id="1234605" tracker="bnc">Userspace crashes on parallels VM</issue>
  <issue id="1234639" tracker="bnc">kobject: Add sanity check for kset-&gt;kobj.ktype in kset_register()</issue>
  <issue id="1234650" tracker="bnc">nfsd: inode locked twice during operation</issue>
  <issue id="1234727" tracker="bnc">ipc/sem: Fix dangling sem_array access in semtimedop race</issue>
  <issue id="1234811" tracker="bnc">VUL-0: CVE-2024-53158: kernel: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()</issue>
  <issue id="1234827" tracker="bnc">VUL-0: CVE-2024-53157: kernel: firmware: arm_scpi: check the DVFS OPP count returned by the firmware</issue>
  <issue id="1234834" tracker="bnc">VUL-0: CVE-2024-53150: kernel: ALSA: usb-audio: fix out of bounds reads when finding clock sources</issue>
  <issue id="1234843" tracker="bnc">VUL-0: CVE-2024-53162: kernel: crypto: qat/qat_4xxx - fix off by one in uof_get_name()</issue>
  <issue id="1234846" tracker="bnc">VUL-0: CVE-2024-53156: kernel: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()</issue>
  <issue id="1234853" tracker="bnc">VUL-0: CVE-2024-53146: kernel: NFSD: prevent a potential integer overflow</issue>
  <issue id="1234856" tracker="bnc">VUL-0: CVE-2024-53161: kernel: EDAC/bluefield: fix potential integer overflow</issue>
  <issue id="1234891" tracker="bnc">VUL-0: CVE-2024-53173: kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open()</issue>
  <issue id="1234912" tracker="bnc">VUL-0: CVE-2024-56549: kernel: cachefiles: fix NULL pointer dereference in object-&gt;file</issue>
  <issue id="1234920" tracker="bnc">VUL-0: CVE-2024-56755: kernel: netfs/fscache: add a memory barrier for FSCACHE_VOLUME_CREATING</issue>
  <issue id="1234921" tracker="bnc">VUL-0: CVE-2024-53179: kernel: smb: client: fix use-after-free of signing key</issue>
  <issue id="1234960" tracker="bnc">VUL-0: CVE-2024-53206: kernel: tcp: fix use-after-free of nreq in reqsk_timer_handler().</issue>
  <issue id="1234963" tracker="bnc">VUL-0: CVE-2024-56539: kernel: wifi: mwifiex: fix memcpy() field-spanning write warning in mwifiex_config_scan()</issue>
  <issue id="1234971" tracker="bnc">VUL-0: CVE-2024-53210: kernel: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct()</issue>
  <issue id="1234973" tracker="bnc">VUL-0: CVE-2024-53213: kernel: net: usb: lan78xx: fix double free issue with interrupt buffer allocation</issue>
  <issue id="1235004" tracker="bnc">VUL-0: CVE-2024-53214: kernel: vfio/pci: properly hide first-in-list PCIe extended capability</issue>
  <issue id="1235035" tracker="bnc">VUL-0: CVE-2024-56570: kernel: ovl: filter invalid inodes with missing lookup function</issue>
  <issue id="1235037" tracker="bnc">VUL-0: CVE-2024-56571: kernel: media: uvcvideo: require entities to have a non-zero unique ID</issue>
  <issue id="1235039" tracker="bnc">VUL-0: CVE-2024-56575: kernel: media: imx-jpeg: ensure power suppliers be suspended before detach them</issue>
  <issue id="1235054" tracker="bnc">VUL-0: CVE-2024-53239: kernel: ALSA: 6fire: release resources at card release</issue>
  <issue id="1235056" tracker="bnc">VUL-0: CVE-2024-56604: kernel: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()</issue>
  <issue id="1235061" tracker="bnc">VUL-0: CVE-2024-56605: kernel: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()</issue>
  <issue id="1235073" tracker="bnc">VUL-0: CVE-2024-56548: kernel: hfsplus: don't query the device logical block size multiple times</issue>
  <issue id="1235220" tracker="bnc">VUL-0: CVE-2024-56598: kernel: jfs: array-index-out-of-bounds fix in dtReadFirst</issue>
  <issue id="1235224" tracker="bnc">VUL-0: CVE-2024-56619: kernel: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()</issue>
  <issue id="1235246" tracker="bnc">mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024</issue>
  <issue id="1235507" tracker="bnc">IDPF TX timeout bug fixed upstream</issue>
  <issue id="2020-12770" tracker="cve" />
  <issue id="2021-34556" tracker="cve" />
  <issue id="2021-35477" tracker="cve" />
  <issue id="2021-38160" tracker="cve" />
  <issue id="2021-47202" tracker="cve" />
  <issue id="2022-36280" tracker="cve" />
  <issue id="2022-48742" tracker="cve" />
  <issue id="2022-49033" tracker="cve" />
  <issue id="2022-49035" tracker="cve" />
  <issue id="2023-1382" tracker="cve" />
  <issue id="2023-33951" tracker="cve" />
  <issue id="2023-33952" tracker="cve" />
  <issue id="2023-52920" tracker="cve" />
  <issue id="2024-24860" tracker="cve" />
  <issue id="2024-26886" tracker="cve" />
  <issue id="2024-26924" tracker="cve" />
  <issue id="2024-36915" tracker="cve" />
  <issue id="2024-42232" tracker="cve" />
  <issue id="2024-44934" tracker="cve" />
  <issue id="2024-47666" tracker="cve" />
  <issue id="2024-47678" tracker="cve" />
  <issue id="2024-49944" tracker="cve" />
  <issue id="2024-49952" tracker="cve" />
  <issue id="2024-50018" tracker="cve" />
  <issue id="2024-50143" tracker="cve" />
  <issue id="2024-50154" tracker="cve" />
  <issue id="2024-50166" tracker="cve" />
  <issue id="2024-50181" tracker="cve" />
  <issue id="2024-50202" tracker="cve" />
  <issue id="2024-50211" tracker="cve" />
  <issue id="2024-50256" tracker="cve" />
  <issue id="2024-50262" tracker="cve" />
  <issue id="2024-50278" tracker="cve" />
  <issue id="2024-50279" tracker="cve" />
  <issue id="2024-50280" tracker="cve" />
  <issue id="2024-50296" tracker="cve" />
  <issue id="2024-53051" tracker="cve" />
  <issue id="2024-53055" tracker="cve" />
  <issue id="2024-53056" tracker="cve" />
  <issue id="2024-53064" tracker="cve" />
  <issue id="2024-53072" tracker="cve" />
  <issue id="2024-53090" tracker="cve" />
  <issue id="2024-53101" tracker="cve" />
  <issue id="2024-53113" tracker="cve" />
  <issue id="2024-53114" tracker="cve" />
  <issue id="2024-53119" tracker="cve" />
  <issue id="2024-53120" tracker="cve" />
  <issue id="2024-53122" tracker="cve" />
  <issue id="2024-53125" tracker="cve" />
  <issue id="2024-53130" tracker="cve" />
  <issue id="2024-53131" tracker="cve" />
  <issue id="2024-53142" tracker="cve" />
  <issue id="2024-53146" tracker="cve" />
  <issue id="2024-53150" tracker="cve" />
  <issue id="2024-53156" tracker="cve" />
  <issue id="2024-53157" tracker="cve" />
  <issue id="2024-53158" tracker="cve" />
  <issue id="2024-53161" tracker="cve" />
  <issue id="2024-53162" tracker="cve" />
  <issue id="2024-53173" tracker="cve" />
  <issue id="2024-53179" tracker="cve" />
  <issue id="2024-53206" tracker="cve" />
  <issue id="2024-53210" tracker="cve" />
  <issue id="2024-53213" tracker="cve" />
  <issue id="2024-53214" tracker="cve" />
  <issue id="2024-53239" tracker="cve" />
  <issue id="2024-53240" tracker="cve" />
  <issue id="2024-53241" tracker="cve" />
  <issue id="2024-56539" tracker="cve" />
  <issue id="2024-56548" tracker="cve" />
  <issue id="2024-56549" tracker="cve" />
  <issue id="2024-56570" tracker="cve" />
  <issue id="2024-56571" tracker="cve" />
  <issue id="2024-56575" tracker="cve" />
  <issue id="2024-56598" tracker="cve" />
  <issue id="2024-56604" tracker="cve" />
  <issue id="2024-56605" tracker="cve" />
  <issue id="2024-56619" tracker="cve" />
  <issue id="2024-56755" tracker="cve" />
  <issue id="2024-8805" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>Jeffreycheung</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694).
- CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045).
- CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558).
- CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827).
- CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971).
- CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (bsc#1234282).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037).
- CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).

The following non-security bugs were fixed:

- ACPI/HMAT: Move HMAT messages to pr_debug() (bsc#1234294)
- amd_hsmp: Add HSMP protocol version 5 messages (jsc#PED-1295).
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes).
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes).
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes).
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (git-fixes).
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (git-fixes).
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes).
- arm64: Ensure bits ASID[15:8] are masked out when the kernel uses (bsc#1234605)
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode (git-fixes).
- autofs: use flexible array in ioctl structure (git-fixes).
- devlink: allow registering parameters after the instance (bsc#1231388 bsc#1230422).
- devlink: do not require setting features before registration (bsc#1231388 bsc#1230422).
- dma-fence: Fix reference leak on fence merge failure path (git-fixes).
- dmaengine: idxd: add wq driver name support for accel-config user tool (bsc#1234357).
- dmaengine: idxd: Check for driver name match before sva user feature (bsc#1234357).
- Documentation: Add x86/amd_hsmp driver (jsc#PED-1295).
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them (git-fixes).
- exfat: fix uninit-value in __exfat_get_dentry_set (git-fixes).
- hfsplus: do not query the device logical block size multiple times (git-fixes).
- idpf: add support for SW triggered interrupts (bsc#1235507).
- idpf: enable WB_ON_ITR (bsc#1235507).
- idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507).
- ipc/sem: Fix dangling sem_array access in semtimedop race (bsc#1234727).
- jffs2: Fix rtime decompressor (git-fixes).
- jffs2: fix use of uninitialized variable (git-fixes).
- jffs2: Prevent rtime decompress memory corruption (git-fixes).
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (git-fixes).
- jfs: array-index-out-of-bounds fix in dtReadFirst (git-fixes).
- jfs: fix array-index-out-of-bounds in jfs_readdir (git-fixes).
- jfs: fix shift-out-of-bounds in dbSplit (git-fixes).
- jfs: xattr: check invalid xattr size more strictly (git-fixes).
- kabi/severities: ignore intermodule symbols between fsl_fman and fsl_dpaa_eth
- kobject: Add sanity check for kset->kobj.ktype in kset_register() (bsc#1234639).
- KVM: x86: fix sending PV IPI (git-fixes).
- memory: tegra: Add API for retrieving carveout bounds (jsc#PED-1763).
- mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (bsc#1234120).
- mmc: core: Further prevent card detect during shutdown (git-fixes).
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
- net/ipv6: release expired exception dst cached in socket (bsc#1216813).
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (git-fixes).
- NFSD: Fix nfsd4_shutdown_copy() (git-fixes).
- nfsd: make sure exp active before svc_export_show (git-fixes).
- NFSD: Move fill_pre_wcc() and fill_post_wcc() (bsc#1234650 bsc#1233701 bsc#1232472).
- NFSD: Prevent a potential integer overflow (git-fixes).
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (git-fixes).
- NFSD: reduce locking in nfsd_lookup() (bsc#1234650 bsc#1233701 bsc#1232472).
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234650 bsc#1233701 bsc#1232472).
- nfsd: restore callback functionality for NFSv4.0 (git-fixes).
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (git-fixes).
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (git-fixes).
- nilfs2: prevent use of deleted inode (git-fixes).
- ocfs2: uncache inode which has failed entering the group (bsc#1234087).
- PCI: vmd: Fix secondary bus reset for Intel bridges (git-fixes).
- phy: tegra: p2u: Set ENABLE_L2_EXIT_RATE_CHANGE in calibration (jsc#PED-1763).
- platform/x86: Add AMD system management interface (jsc#PED-1295).
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (git-fixes).
- pwm: tegra: Improve required rate calculation (jsc#PED-1763).
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- scatterlist: fix incorrect func name in kernel-doc (git-fixes).
- scripts/git_sort/git_sort.py: add tegra DRM and linux-pwm repo
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes).
- serial: tegra: Read DMA status before terminating (jsc#PED-1763).
- smb: client: fix TCP timers deadlock after rmmod (git-fixes) (bsc#1233642).
- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
- SUNRPC: make sure cache entry active before cache_show (git-fixes).
- sunrpc: simplify two-level sysctl registration for svcrdma_parm_table (git-fixes).
- svcrdma: Address an integer overflow (git-fixes).
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (git-fixes).
- tpm_tis_spi: Release chip select when flow control fails (bsc#1234338)
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (git-fixes).
- ubifs: Correct the total block count by deducting journal reservation (git-fixes).
- udf: Handle error when adding extent to a file (bsc#1234437).
- udf: refactor udf_current_aext() to handle error (bsc#1234240).
- udf: refactor udf_next_aext() to handle error (bsc#1234241).
- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes).
- usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes).
- x86: Annotate call_on_stack() (git-fixes).
- x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes).
- x86/fpu: Remove unused supervisor only offsets (git-fixes).
- x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes).
- x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes).
- x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes).
- x86/mce: Allow instrumentation during task work queueing (git-fixes).
- x86/mce: Mark mce_end() noinstr (git-fixes).
- x86/mce: Mark mce_panic() noinstr (git-fixes).
- x86/mce: Mark mce_read_aux() noinstr (git-fixes).
- x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes).
- x86/mm: Flush global TLB when switching to trampoline page-table (git-fixes).
- x86/sgx: Free backing memory after faulting the enclave page (git-fixes).
- x86/sgx: Silence softlockup detection when releasing large enclaves (git-fixes).
- x86/uaccess: Move variable into switch case statement (git-fixes).
- xfs: can't use kmem_zalloc() for attribute buffers (bsc#1216909).
- zonefs: fix zone report size in __zonefs_io_error() (git-fixes).
</description>
	<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places