Overview

File _patchinfo of Package patchinfo.36761

<patchinfo incident="36761">
  <issue id="1218644" tracker="bnc">kernel/livepatching: Add klp-convert</issue>
  <issue id="1220382" tracker="bnc">L3-Question: x86/mm/ident_map: Use gbpages only where full GB page should be mapped.</issue>
  <issue id="1221309" tracker="bnc">Enable IDPF driver for arm64</issue>
  <issue id="1222590" tracker="bnc">VUL-0: CVE-2024-26782: kernel: mptcp: fix double-free on socket dismantle</issue>
  <issue id="1229808" tracker="bnc">VUL-0: CVE-2024-44932: kernel: idpf: fix UAFs when destroying the queues</issue>
  <issue id="1230220" tracker="bnc">VUL-0: CVE-2024-44964: kernel: idpf: fix memory leaks and crashes while performing a soft reset</issue>
  <issue id="1231646" tracker="bnc">L3-Question: kernel crash in kernel_clone/copy_page_range</issue>
  <issue id="1232187" tracker="bnc">VUL-0: CVE-2024-47757: kernel: nilfs2: fix potential oob read in nilfs_btree_check_delete()</issue>
  <issue id="1232312" tracker="bnc">VUL-0: CVE-2024-50017: kernel: x86/mm/ident_map: Use gbpages only where full GB page should be mapped.</issue>
  <issue id="1232860" tracker="bnc">VUL-0: CVE-2024-50089: kernel: unicode: Don't special case ignorable code points</issue>
  <issue id="1232907" tracker="bnc">VUL-0: CVE-2024-50127: kernel: net: sched: fix use-after-free in taprio_change()</issue>
  <issue id="1232919" tracker="bnc">VUL-0: CVE-2024-50115: kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory</issue>
  <issue id="1232928" tracker="bnc">VUL-0: CVE-2024-50125: kernel: Bluetooth: SCO: Fix UAF on sco_sock_timeout</issue>
  <issue id="1233070" tracker="bnc">VUL-0: CVE-2024-50154: kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().</issue>
  <issue id="1233214" tracker="bnc">VUL-0: CVE-2024-50259: kernel: netdevsim: add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()</issue>
  <issue id="1233293" tracker="bnc">VUL-0: CVE-2024-50205: kernel: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()</issue>
  <issue id="1233453" tracker="bnc">VUL-0: CVE-2024-50264: kernel: vsock/virtio: Initialization of the dangling pointer occurring in vsk-&gt;trans</issue>
  <issue id="1233456" tracker="bnc">VUL-0: CVE-2024-50267: kernel: USB: serial: io_edgeport: fix use after free in debug printk</issue>
  <issue id="1233463" tracker="bnc">VUL-0: CVE-2024-50274: kernel: idpf: avoid vport access in idpf_get_link_ksettings</issue>
  <issue id="1233468" tracker="bnc">VUL-0: CVE-2024-50279: kernel: dm cache: fix out-of-bounds access to the dirty bitset when resizing</issue>
  <issue id="1233479" tracker="bnc">VUL-0: CVE-2024-50290: kernel: media: cx24116: prevent overflows on SNR calculus</issue>
  <issue id="1233490" tracker="bnc">VUL-0: CVE-2024-50301: kernel: security/keys: fix slab-out-of-bounds in key_task_permission</issue>
  <issue id="1233491" tracker="bnc">VUL-0: CVE-2024-50302: kernel: HID: core: zero-initialize the report buffer</issue>
  <issue id="1233555" tracker="bnc">VUL-0: CVE-2024-53061: kernel: media: s5p-jpeg: prevent buffer overflows</issue>
  <issue id="1233557" tracker="bnc">VUL-0: CVE-2024-53063: kernel: media: dvbdev: prevent the risk of out of memory access</issue>
  <issue id="1233561" tracker="bnc">VUL-0: CVE-2024-53068: kernel: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()</issue>
  <issue id="1233977" tracker="bnc">VUL-0: CVE-2023-52922: kernel: can: bcm: Fix UAF in bcm_proc_show()</issue>
  <issue id="2023-52922" tracker="cve" />
  <issue id="2024-26782" tracker="cve" />
  <issue id="2024-44932" tracker="cve" />
  <issue id="2024-44964" tracker="cve" />
  <issue id="2024-47757" tracker="cve" />
  <issue id="2024-50017" tracker="cve" />
  <issue id="2024-50089" tracker="cve" />
  <issue id="2024-50115" tracker="cve" />
  <issue id="2024-50125" tracker="cve" />
  <issue id="2024-50127" tracker="cve" />
  <issue id="2024-50154" tracker="cve" />
  <issue id="2024-50205" tracker="cve" />
  <issue id="2024-50259" tracker="cve" />
  <issue id="2024-50264" tracker="cve" />
  <issue id="2024-50267" tracker="cve" />
  <issue id="2024-50274" tracker="cve" />
  <issue id="2024-50279" tracker="cve" />
  <issue id="2024-50290" tracker="cve" />
  <issue id="2024-50301" tracker="cve" />
  <issue id="2024-50302" tracker="cve" />
  <issue id="2024-53061" tracker="cve" />
  <issue id="2024-53063" tracker="cve" />
  <issue id="2024-53068" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>alix82</packager>
  <reboot_needed/>
  <description>

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).
- CVE-2024-44932: idpf: fix UAFs when destroying the queues (bsc#1229808).
- CVE-2024-44964: idpf: fix memory leaks and crashes while performing a soft reset (bsc#1230220).
- CVE-2024-47757: nilfs2: fix potential oob read in nilfs_btree_check_delete() (bsc#1232187).
- CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50154: tcp: Fix use-after-free of nreq in reqsk_timer_handler() (bsc#1233070).
- CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293).
- CVE-2024-50259: netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() (bsc#1233214).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50267: USB: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
- CVE-2024-53068: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (bsc#1233561).

The following non-security bugs were fixed:

- Update config files (bsc#1218644). 
- Update config files. Enabled IDPF for ARM64 (bsc#1221309)
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- mm/memory: add non-anonymous page check in the copy_present_page() (bsc#1231646).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
</description>
	<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places