Overview

File _patchinfo of Package patchinfo.33954

<patchinfo incident="33954">
  <issue id="1216644" tracker="bnc">VUL-0: CVE-2023-5717: kernel live patch: heap out-of-bounds write vulnerability related to perf_read_group() can be exploited to achieve local privilege escalation</issue>
  <issue id="1218259" tracker="bnc">VUL-0: CVE-2023-6931: kernel live patch: heap out-of-bounds write in perf_read_group</issue>
  <issue id="1220211" tracker="bnc">VUL-0: CVE-2024-26585: kernel live patch: tls: race condition between tx work scheduling and socket close</issue>
  <issue id="1220832" tracker="bnc">VUL-0: CVE-2023-52502: kernel live patch: net: nfc: race conditions in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()</issue>
  <issue id="1221302" tracker="bnc">VUL-0: CVE-2024-26610: kernel live patch: wifi: iwlwifi: fix a memory corruption</issue>
  <issue id="1222685" tracker="bnc">VUL-0: CVE-2023-6546: kernel live patch: GSM multiplexing race condition leads to privilege escalation</issue>
  <issue id="1222882" tracker="bnc">VUL-0: CVE-2024-26766: kernel live patch: IB/hfi1: sdma.h tx-&gt;num_descs off-by-one error</issue>
  <issue id="1223514" tracker="bnc">VUL-0: CVE-2022-48651: kernel live patch: ipvlan: Fix out-of-bound bugs caused by unset skb-&gt;mac_header</issue>
  <issue id="2022-48651" tracker="cve" />
  <issue id="2023-52502" tracker="cve" />
  <issue id="2023-6546" tracker="cve" />
  <issue id="2023-6931" tracker="cve" />
  <issue id="2024-26585" tracker="cve" />
  <issue id="2024-26610" tracker="cve" />
  <issue id="2024-26766" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.14.21-150500_55_7 fixes several issues.

The following security issues were fixed:

- CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). 
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
- CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882).
- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211).
- CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685).
</description>
<summary>Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP5)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places