Overview

File _patchinfo of Package patchinfo.40971

<patchinfo incident="40971">
  <issue id="1237048" tracker="bnc">VUL-0: CVE-2025-21692: kernel live patch: net: sched: fix ets qdisc OOB Indexing</issue>
  <issue id="1240744" tracker="bnc">VUL-0: CVE-2025-21791: kernel live patch: vrf: use RCU protection in l3mdev_l3_out()</issue>
  <issue id="1245509" tracker="bnc">VUL-0: CVE-2025-38089: kernel live patch: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error</issue>
  <issue id="1247315" tracker="bnc">VUL-0: CVE-2025-38477: kernel live patch: net/sched: sch_qfq: Fix race condition on qfq_aggregate</issue>
  <issue id="2025-21692" tracker="cve" />
  <issue id="2025-21791" tracker="cve" />
  <issue id="2025-38089" tracker="cve" />
  <issue id="2025-38477" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 6.4.0-150600_10_26 fixes several issues.

The following security issues were fixed:

- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744).
- CVE-2025-38089: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (bsc#1245509).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237048).
</description>
<summary>Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places