File _patchinfo of Package patchinfo.38623
<patchinfo incident="38623"> <issue id="1201855" tracker="bnc">smartpqi - Patches for SLES15 SP5</issue> <issue id="1230771" tracker="bnc">VUL-0: CVE-2024-46784: kernel: net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup</issue> <issue id="1238471" tracker="bnc">VUL-0: CVE-2025-21812: kernel: ax25: rcu protect dev->ax25_ptr</issue> <issue id="1238512" tracker="bnc">VUL-0: CVE-2025-21791: kernel: vrf: use RCU protection in l3mdev_l3_out()</issue> <issue id="1238747" tracker="bnc">VUL-0: CVE-2025-21785: kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array</issue> <issue id="1238865" tracker="bnc">VUL-0: CVE-2025-21726: kernel: padata: avoid UAF for reorder_work</issue> <issue id="1239968" tracker="bnc">fstests btrfs/325 fails on SLE15-SP4</issue> <issue id="1240188" tracker="bnc">VUL-0: CVE-2025-21886: kernel: RDMA/mlx5: Fix implicit ODP hang on parent deregistration</issue> <issue id="1240195" tracker="bnc">fix error handling in mana_create_txq/rxq's NAPI cleanup</issue> <issue id="1240553" tracker="bnc">Request for backport of smartpqi: Add ctrl ready timeout module parameter</issue> <issue id="1240747" tracker="bnc">VUL-0: CVE-2022-49741: kernel: fbdev: smscufx: memory leak due to error handling code in ufx_usb_probe</issue> <issue id="1240835" tracker="bnc">VUL-0: CVE-2025-22004: kernel: net: atm: fix use after free in lec_send()</issue> <issue id="1241280" tracker="bnc">VUL-0: CVE-2025-22020: kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove</issue> <issue id="1241371" tracker="bnc">VUL-0: CVE-2025-22055: kernel: net: fix geneve_opt length integer overflow</issue> <issue id="1241421" tracker="bnc">VUL-0: CVE-2021-47671: kernel: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path</issue> <issue id="1241433" tracker="bnc">VUL-0: CVE-2025-22045: kernel: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs</issue> <issue id="1241541" tracker="bnc">VUL-0: CVE-2025-22097: kernel: drm/vkms: fix use after free and double free on init error</issue> <issue id="2021-47671" tracker="cve" /> <issue id="2022-49741" tracker="cve" /> <issue id="2024-46784" tracker="cve" /> <issue id="2025-21726" tracker="cve" /> <issue id="2025-21785" tracker="cve" /> <issue id="2025-21791" tracker="cve" /> <issue id="2025-21812" tracker="cve" /> <issue id="2025-21886" tracker="cve" /> <issue id="2025-22004" tracker="cve" /> <issue id="2025-22020" tracker="cve" /> <issue id="2025-22045" tracker="cve" /> <issue id="2025-22055" tracker="cve" /> <issue id="2025-22097" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>alix82</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865). - CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747). - CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512). - CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). - CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835). - CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280). - CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433). - CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371). - CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541). The following non-security bugs were fixed: - scsi: smartpqi: Add ctrl ready timeout module parameter (jsc#PED-1557, bsc#1201855, bsc#1240553). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
