File _patchinfo of Package patchinfo.36757
<patchinfo incident="36757"> <issue id="1154353" tracker="bnc">Update skb/net-sched kernel API</issue> <issue id="1198778" tracker="bnc">Backport ENA driver for 15 SP2 kernel</issue> <issue id="1218644" tracker="bnc">kernel/livepatching: Add klp-convert</issue> <issue id="1220927" tracker="bnc">VUL-0: CVE-2023-52524: kernel: net: nfc: llcp: Add lock when modifying device list</issue> <issue id="1231939" tracker="bnc">VUL-0: CVE-2022-49021: kernel: net: phy: fix null-ptr-deref while probe() failed</issue> <issue id="1231940" tracker="bnc">VUL-0: CVE-2022-49019: kernel: net: ethernet: nixge: fix NULL dereference</issue> <issue id="1231958" tracker="bnc">VUL-0: CVE-2022-48985: kernel: net: mana: Fix race on per-CQ variable napi work_done</issue> <issue id="1231962" tracker="bnc">VUL-0: CVE-2022-49022: kernel: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration</issue> <issue id="1231991" tracker="bnc">VUL-0: CVE-2022-49032: kernel: iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw</issue> <issue id="1231992" tracker="bnc">VUL-0: CVE-2022-49031: kernel: iio: health: afe4403: Fix oob read in afe4403_read_raw</issue> <issue id="1231995" tracker="bnc">VUL-0: CVE-2022-49029: kernel: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails</issue> <issue id="1232006" tracker="bnc">VUL-0: CVE-2022-49011: kernel: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()</issue> <issue id="1232163" tracker="bnc">VUL-0: CVE-2022-49006: kernel: tracing: Free buffers when a used dynamic event is removed</issue> <issue id="1232172" tracker="bnc">VUL-0: CVE-2022-49010: kernel: hwmon: (coretemp) Check for null before removing sysfs attrs</issue> <issue id="1232224" tracker="bnc">VUL-0: CVE-2024-49925: kernel: fbdev: efifb: register sysfs groups through driver core</issue> <issue id="1232436" tracker="bnc">VUL-0: CVE-2024-53142: kernel: malformed cpio entry may leak early-boot memory contents</issue> <issue id="1232860" tracker="bnc">VUL-0: CVE-2024-50089: kernel: unicode: Don't special case ignorable code points</issue> <issue id="1232907" tracker="bnc">VUL-0: CVE-2024-50127: kernel: net: sched: fix use-after-free in taprio_change()</issue> <issue id="1232919" tracker="bnc">VUL-0: CVE-2024-50115: kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory</issue> <issue id="1232928" tracker="bnc">VUL-0: CVE-2024-50125: kernel: Bluetooth: SCO: Fix UAF on sco_sock_timeout</issue> <issue id="1233070" tracker="bnc">VUL-0: CVE-2024-50154: kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().</issue> <issue id="1233117" tracker="bnc">VUL-0: CVE-2024-50208: kernel: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages</issue> <issue id="1233293" tracker="bnc">VUL-0: CVE-2024-50205: kernel: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()</issue> <issue id="1233453" tracker="bnc">VUL-0: CVE-2024-50264: kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans</issue> <issue id="1233456" tracker="bnc">VUL-0: CVE-2024-50267: kernel: USB: serial: io_edgeport: fix use after free in debug printk</issue> <issue id="1233468" tracker="bnc">VUL-0: CVE-2024-50279: kernel: dm cache: fix out-of-bounds access to the dirty bitset when resizing</issue> <issue id="1233479" tracker="bnc">VUL-0: CVE-2024-50290: kernel: media: cx24116: prevent overflows on SNR calculus</issue> <issue id="1233490" tracker="bnc">VUL-0: CVE-2024-50301: kernel: security/keys: fix slab-out-of-bounds in key_task_permission</issue> <issue id="1233491" tracker="bnc">VUL-0: CVE-2024-50302: kernel: HID: core: zero-initialize the report buffer</issue> <issue id="1233555" tracker="bnc">VUL-0: CVE-2024-53061: kernel: media: s5p-jpeg: prevent buffer overflows</issue> <issue id="1233557" tracker="bnc">VUL-0: CVE-2024-53063: kernel: media: dvbdev: prevent the risk of out of memory access</issue> <issue id="2022-48985" tracker="cve" /> <issue id="2022-49006" tracker="cve" /> <issue id="2022-49010" tracker="cve" /> <issue id="2022-49011" tracker="cve" /> <issue id="2022-49019" tracker="cve" /> <issue id="2022-49021" tracker="cve" /> <issue id="2022-49022" tracker="cve" /> <issue id="2022-49029" tracker="cve" /> <issue id="2022-49031" tracker="cve" /> <issue id="2022-49032" tracker="cve" /> <issue id="2023-52524" tracker="cve" /> <issue id="2024-49925" tracker="cve" /> <issue id="2024-50089" tracker="cve" /> <issue id="2024-50115" tracker="cve" /> <issue id="2024-50125" tracker="cve" /> <issue id="2024-50127" tracker="cve" /> <issue id="2024-50154" tracker="cve" /> <issue id="2024-50205" tracker="cve" /> <issue id="2024-50208" tracker="cve" /> <issue id="2024-50264" tracker="cve" /> <issue id="2024-50267" tracker="cve" /> <issue id="2024-50279" tracker="cve" /> <issue id="2024-50290" tracker="cve" /> <issue id="2024-50301" tracker="cve" /> <issue id="2024-50302" tracker="cve" /> <issue id="2024-53061" tracker="cve" /> <issue id="2024-53063" tracker="cve" /> <issue id="SLE-8100" tracker="jsc" /> <category>security</category> <rating>important</rating> <packager>vliaskovitis</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). - CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224) - CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860). - CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919). - CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928). - CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907). - CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070) - CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293). - CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117). - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453). - CVE-2024-50267: USB: serial: io_edgeport: fix use after free in debug printk (bsc#1233456). - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468). - CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479). - CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490). - CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491). - CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555). - CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557). The following non-security bugs were fixed: - Update config files (bsc#1218644). - e1000e: Correct NVM checksum verification flow (jsc#SLE-8100). - e1000e: Correct NVM checksum verification flow (jsc#SLE-8100). - e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100). - e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100). - ena: Remove rcu_read_lock() around XDP program invocation (bsc#1198778). - ethernet: amazon: ena: A typo fix in the file ena_com.h (bsc#1198778). - initramfs: avoid filename buffer overrun (bsc#1232436). - kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644). - net: ena: Add capabilities field with support for ENI stats capability (bsc#1198778). - net: ena: Add debug prints for invalid req_id resets (bsc#1198778). - net: ena: Change ENI stats support check to use capabilities field (bsc#1198778). - net: ena: Change return value of ena_calc_io_queue_size() to void (bsc#1198778). - net: ena: Change the name of bad_csum variable (bsc#1198778). - net: ena: Extract recurring driver reset code into a function (bsc#1198778). - net: ena: Flush XDP packets on error (bsc#1198778). - net: ena: Improve error logging in driver (bsc#1198778). - net: ena: Move reset completion print to the reset function (bsc#1198778). - net: ena: Remove ena_calc_queue_size_ctx struct (bsc#1198778). - net: ena: Remove module param and change message severity (bsc#1198778). - net: ena: Remove redundant return code check (bsc#1198778). - net: ena: Remove unused code (bsc#1198778). - net: ena: Set tx_info->xdpf value to NULL (bsc#1198778). - net: ena: Update XDP verdict upon failure (bsc#1198778). - net: ena: Use bitmask to indicate packet redirection (bsc#1198778). - net: ena: Use dev_alloc() in RX buffer allocation (bsc#1198778). - net: ena: add device distinct log prefix to files (bsc#1198778). - net: ena: add jiffies of last napi call to stats (bsc#1198778). - net: ena: aggregate doorbell common operations into a function (bsc#1198778). - net: ena: aggregate stats increase into a function (bsc#1198778). - net: ena: fix DMA mapping function issues in XDP (bsc#1198778). - net: ena: fix coding style nits (bsc#1198778). - net: ena: fix inaccurate print type (bsc#1198778). - net: ena: introduce XDP redirect implementation (bsc#1198778). - net: ena: introduce ndo_xdp_xmit() function for XDP_REDIRECT (bsc#1198778). - net: ena: make symbol 'ena_alloc_map_page' static (bsc#1198778). - net: ena: re-organize code to improve readability (bsc#1198778). - net: ena: remove extra words from comments (bsc#1198778). - net: ena: store values in their appropriate variables types (bsc#1198778). - net: ena: use build_skb() in RX path (bsc#1198778). - net: ena: use constant value for net_device allocation (bsc#1198778). - net: ena: use xdp_frame in XDP TX flow (bsc#1198778). - net: ena: use xdp_return_frame() to free xdp frames (bsc#1198778). - rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644) - tools headers: Grab copy of linux/const.h, needed by linux/bits.h (bsc#1154353). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
