Overview

File _patchinfo of Package patchinfo.42584

<patchinfo incident="42584">
  <issue tracker="bnc" id="1228490">VUL-0: CVE-2024-42103: kernel: btrfs: fix adding block group to a reclaim list and the unused list during reclaim</issue>
  <issue tracker="bnc" id="1233563">VUL-0: CVE-2024-53070: kernel: usb: dwc3: fix fault at system suspend if device was already runtime suspended</issue>
  <issue tracker="bnc" id="1234842">VUL-0: CVE-2024-53149: kernel: usb: typec: ucsi: glink: fix off-by-one in connector_status</issue>
  <issue tracker="bnc" id="1241437">VUL-0: CVE-2025-22047: kernel: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value</issue>
  <issue tracker="bnc" id="1242909">VUL-0: CVE-2025-37813: kernel: usb: xhci: Fix invalid pointer dereference in Etron workaround</issue>
  <issue tracker="bnc" id="1246184">VUL-0: CVE-2025-38243: kernel: btrfs: fix invalid inode pointer dereferences during log replay</issue>
  <issue tracker="bnc" id="1246447">VUL-0: CVE-2025-38322: kernel: perf/x86/intel: Fix crash in icl_update_topdown_event()</issue>
  <issue tracker="bnc" id="1247030">VUL-0: CVE-2025-38379: kernel: smb: client: fix warning when reconnecting channel</issue>
  <issue tracker="bnc" id="1247712">Partner-L3: [HPE Bug] SR-IOV fails to enable on XD230 Gen12 with E810 nic</issue>
  <issue tracker="bnc" id="1248211">VUL-0: CVE-2025-38539: kernel: tracing: Add down_write(trace_event_sem) when adding trace event</issue>
  <issue tracker="bnc" id="1249307">VUL-0: CVE-2025-39689: kernel: ftrace: Also allocate and copy hash for reading of filter files</issue>
  <issue tracker="bnc" id="1250032">VUL-0: CVE-2025-39813: kernel: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump</issue>
  <issue tracker="bnc" id="1250082">VUL-0: CVE-2025-39829: kernel: trace/fgraph: Fix the warning caused by missing unregister notifier</issue>
  <issue tracker="bnc" id="1250705">VUL-0: CVE-2025-39913: kernel: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-&gt;cork.</issue>
  <issue tracker="bnc" id="1250748">general protection fault, probably for non-canonical address 0xdead000000000108 in smb2_close_cached_fid+0x25 &#8212; thread::g6413aRZLBavd9BEGzg6xis::</issue>
  <issue tracker="bnc" id="1252511">Upgrade from SLES15-SP5 to SP7 breaks third party application FloEFD</issue>
  <issue tracker="bnc" id="1252712">Backport fix for Linux SMB client directory contents caching</issue>
  <issue tracker="bnc" id="1252900">VUL-0: CVE-2025-40097: kernel: ALSA: hda: Fix missing pointer check in hda_component_manager_init function</issue>
  <issue tracker="bnc" id="1253087">L3: Increased Swap Activity After Upgrade from SLES15 SP5 to SP7</issue>
  <issue tracker="bnc" id="1253451">VUL-0: CVE-2025-40202: kernel: ipmi: Rework user message limit handling</issue>
  <issue tracker="bnc" id="1254378">L3: Slow I/O Performance on EXT3 filesystems after updating to SLES 15 sp 6 - L3 for the analysis / validity of the performance tests performed by the customer.</issue>
  <issue tracker="bnc" id="1254447">L3: system hungs up without no clear error/warning messages - thread::r03Hb1oCINKWUr2R5vhM7ys::</issue>
  <issue tracker="bnc" id="1254465">VUL-0: CVE-2023-53714: kernel: drm/stm: ltdc: fix late dereference check</issue>
  <issue tracker="bnc" id="1254510">:kernel/sched/core.c:5862 sched_tick_remote+0x136/0x190   -  thread::jmMyRTH0LEagGH2jo6QMOis::</issue>
  <issue tracker="bnc" id="1254767">L3: Backport of "net: tcp: send zero-window ACK when no memory"</issue>
  <issue tracker="bnc" id="1254842">VUL-0: CVE-2025-40257: kernel: mptcp: fix a race in mptcp_pm_del_add_timer()</issue>
  <issue tracker="bnc" id="1254845">VUL-0: CVE-2025-40259: kernel: scsi: sg: Do not sleep in atomic context</issue>
  <issue tracker="bnc" id="1255377">VUL-0: CVE-2025-68284: kernel: libceph: prevent potential out-of-bounds writes in handle_auth_session_key()</issue>
  <issue tracker="bnc" id="1255401">VUL-0: CVE-2025-68285: kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()</issue>
  <issue tracker="bnc" id="1256528">SLE15-SP7 kernel doesn't boot with the latest upstream ucode-amd</issue>
  <issue tracker="bnc" id="1256609">VUL-0: CVE-2025-71081: kernel: ASoC: stm32: sai: fix OF node leak on probe</issue>
  <issue tracker="bnc" id="1256610">VUL-0: CVE-2025-71083: kernel: drm/ttm: Avoid NULL pointer deref for evicted BOs</issue>
  <issue tracker="bnc" id="1256612">VUL-0: CVE-2025-71089: kernel: iommu: disable SVA when CONFIG_X86 is set</issue>
  <issue tracker="bnc" id="1256616">VUL-0: CVE-2025-71078: kernel: powerpc/64s/slb: Fix SLB multihit issue during SLB preload</issue>
  <issue tracker="bnc" id="1256617">VUL-0: CVE-2025-68804: kernel: platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver</issue>
  <issue tracker="bnc" id="1256623">VUL-0: CVE-2025-71085: kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()</issue>
  <issue tracker="bnc" id="1256641">VUL-0: CVE-2025-68813: kernel: ipvs: fix ipv4 null-ptr-deref in route error path</issue>
  <issue tracker="bnc" id="1256664">VUL-0: CVE-2025-68819: kernel: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()</issue>
  <issue tracker="bnc" id="1256665">VUL-0: CVE-2025-68775: kernel: net/handshake: duplicate handshake cancellations leak socket</issue>
  <issue tracker="bnc" id="1256682">VUL-0: CVE-2025-68808: kernel: media: vidtv: initialize local pointers upon transfer of memory ownership</issue>
  <issue tracker="bnc" id="1256726">VUL-0: CVE-2025-71112: kernel: net: hns3: add VLAN id validation before using</issue>
  <issue tracker="bnc" id="1256728">VUL-0: CVE-2025-71111: kernel: hwmon: (w83791d) Convert macros to functions to avoid TOCTOU</issue>
  <issue tracker="bnc" id="1256759">VUL-0: CVE-2025-71136: kernel: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()</issue>
  <issue tracker="bnc" id="1256779">VUL-0: CVE-2025-71120: kernel: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf</issue>
  <issue tracker="bnc" id="1256792">kbdrate over ssh crashes aarch64 kernel</issue>
  <issue tracker="bnc" id="1257154">smb cache_dir related crash with 6.4.0-150600.23.81 kernel -  thread::PwoUaOEaLLq4Y9ys9ZRAMSs::</issue>
  <issue tracker="bnc" id="1257158">VUL-0: CVE-2025-71147: kernel: KEYS: trusted: Fix a memory leak in tpm2_load_cmd</issue>
  <issue tracker="bnc" id="1257232">VUL-0: CVE-2026-23001: kernel: macvlan: fix possible UAF in macvlan_forward_source()</issue>
  <issue tracker="bnc" id="1257236">VUL-0: CVE-2026-22999: kernel: net/sched: sch_qfq: do not free existing class in qfq_change_class()</issue>
  <issue tracker="bnc" id="1257296">[SUSE][storvsc][Backport] Backport storvsc patch for handling MODE_SENSE_10</issue>
  <issue tracker="bnc" id="1257332">VUL-0: CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del().</issue>
  <issue tracker="bnc" id="1257473">[SUSE]{hv_netvsc][Backport] net: hv_netvsc: reject RSS hash key programming without RX indirection table</issue>
  <issue tracker="bnc" id="1257603">selftests: bpf: test_select_reuseport_kern.c fails to build with glibc 2.42</issue>
  <issue tracker="cve" id="2023-53714"/>
  <issue tracker="cve" id="2024-42103"/>
  <issue tracker="cve" id="2024-53070"/>
  <issue tracker="cve" id="2024-53149"/>
  <issue tracker="cve" id="2025-22047"/>
  <issue tracker="cve" id="2025-37813"/>
  <issue tracker="cve" id="2025-38243"/>
  <issue tracker="cve" id="2025-38322"/>
  <issue tracker="cve" id="2025-38379"/>
  <issue tracker="cve" id="2025-38539"/>
  <issue tracker="cve" id="2025-39689"/>
  <issue tracker="cve" id="2025-39813"/>
  <issue tracker="cve" id="2025-39829"/>
  <issue tracker="cve" id="2025-39913"/>
  <issue tracker="cve" id="2025-40097"/>
  <issue tracker="cve" id="2025-40202"/>
  <issue tracker="cve" id="2025-40257"/>
  <issue tracker="cve" id="2025-40259"/>
  <issue tracker="cve" id="2025-68284"/>
  <issue tracker="cve" id="2025-68285"/>
  <issue tracker="cve" id="2025-68775"/>
  <issue tracker="cve" id="2025-68804"/>
  <issue tracker="cve" id="2025-68808"/>
  <issue tracker="cve" id="2025-68813"/>
  <issue tracker="cve" id="2025-68819"/>
  <issue tracker="cve" id="2025-71078"/>
  <issue tracker="cve" id="2025-71081"/>
  <issue tracker="cve" id="2025-71083"/>
  <issue tracker="cve" id="2025-71085"/>
  <issue tracker="cve" id="2025-71089"/>
  <issue tracker="cve" id="2025-71111"/>
  <issue tracker="cve" id="2025-71112"/>
  <issue tracker="cve" id="2025-71120"/>
  <issue tracker="cve" id="2025-71136"/>
  <issue tracker="cve" id="2025-71147"/>
  <issue tracker="cve" id="2026-22999"/>
  <issue tracker="cve" id="2026-23001"/>
  <issue tracker="cve" id="2026-23010"/>
  <issue tracker="jsc" id="PED-3527"/>
  <issue tracker="jsc" id="PED-5065"/>
  <issue tracker="jsc" id="PED-5475"/>
  <issue tracker="jsc" id="PED-5477"/>
  <issue tracker="jsc" id="PED-5511"/>
  <issue tracker="jsc" id="PED-6041"/>
  <issue tracker="jsc" id="PED-6068"/>
  <issue tracker="jsc" id="PED-6069"/>
  <issue tracker="jsc" id="PED-6070"/>
  <issue tracker="jsc" id="PED-6071"/>
  <issue tracker="jsc" id="PED-6116"/>
  <issue tracker="jsc" id="PED-6120"/>
  <category>security</category>
  <rating>important</rating>
  <packager>tabraham1</packager>
  <reboot_needed/>
<!-- inserted by gitlab@gitlab.suse.de:security/tools.git//home/securitybot/src/sectools/auto_maintenance.pl -->
<releasetarget project="SUSE:Updates:openSUSE-SLE:15.6"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES_SAP:15-SP6:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES_SAP:15-SP6:ppc64le"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP6-LTSS:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP6-LTSS:s390x"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP6-LTSS:ppc64le"/>
<releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP6-LTSS:aarch64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP6:x86_64"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP6:s390x"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP6:ppc64le"/>
<releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP6:aarch64"/>
<releasetarget project="SUSE:SLE-15-SP6:Update"/>
  <summary>Security update for the Linux Kernel</summary>
  <description>
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2025-40257: mptcp: fix a race in mptcp_pm_del_add_timer() (bsc#1254842).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255377).
- CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255401).
- CVE-2025-68775: net/handshake: duplicate handshake cancellations leak socket (bsc#1256665).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256612).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23001: macvlan: fix possible UAF in macvlan_forward_source() (bsc#1257232).
- CVE-2026-23010: ipv6: Fix use-after-free in inet6_addr_del() (bsc#1257332).

The following non security issues were fixed:

- bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603).
- btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes).
- cifs: Fix copy offload to flush destination region (bsc#1252511).
- cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511).
- cifs: add new field to track the last access time of cfid (git-fixes).
- ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378).
- ice: use netif_get_num_default_rss_queues() (bsc#1247712).
- mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1253087).
- net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473).
- net: tcp: allow zero-window ACK update the window (bsc#1254767).
- sched: Increase sched_tick_remote timeout (bsc#1254510).
- scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296).
- smb: change return type of cached_dir_lease_break() to bool (git-fixes).
- smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes).
- smb: client: remove unused fid_lock (git-fixes).
- smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes).
- smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748).
- smb: client: update cfid-&gt;last_access_time in open_cached_dir_by_dentry() (git-fixes).
- smb: improve directory cache reuse for readdir operations (bsc#1252712).
- x86: make page fault handling disable interrupts properly (git-fixes).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places