File _patchinfo of Package patchinfo.37204
<patchinfo incident="37204"> <issue id="1226184" tracker="bnc">VUL-0: CVE-2024-27029: kernel live patch: drm/amdgpu: fix mmhub client id out-of-bounds access</issue> <issue id="1226324" tracker="bnc">VUL-0: CVE-2024-36971: kernel live patch: fix __dst_negative_advice() race</issue> <issue id="1227369" tracker="bnc">VUL-0: CVE-2024-36979: kernel live patch: net: bridge: mst: fix vlan use-after-free</issue> <issue id="1227781" tracker="bnc">VUL-0: CVE-2024-40920: kernel: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state</issue> <issue id="1227784" tracker="bnc">VUL-0: CVE-2024-40921: kernel: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state</issue> <issue id="1229275" tracker="bnc">VUL-0: CVE-2024-41057: kernel live patch: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie()</issue> <issue id="2024-27029" tracker="cve" /> <issue id="2024-36971" tracker="cve" /> <issue id="2024-36979" tracker="cve" /> <issue id="2024-40920" tracker="cve" /> <issue id="2024-40921" tracker="cve" /> <issue id="2024-41057" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>nstange</packager> <description>This update for the Linux Kernel 6.4.0-150600_21 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). - CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369). - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). - CVE-2024-27029: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140 (bsc#1226184). - CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). </description> <summary>Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)</summary> </patchinfo>
