File _patchinfo of Package patchinfo.38188
<patchinfo incident="38188">
<issue id="1193629" tracker="bnc">[TRACKERBUG] SLE15-SP4 backports for cifs.ko</issue>
<issue id="1197227" tracker="bnc">VUL-0: CVE-2022-1015,CVE-2022-1016: kernel-source: Vulnerability in nf_tables can cause privilege escalation</issue>
<issue id="1207034" tracker="bnc">VUL-0: CVE-2023-0179: kernel: integer overflow vulnerability within the Netfilter (nftables) subsystem</issue>
<issue id="1207186" tracker="bnc">VUL-0: kernel-source,kernel-source-rt,kernel-source-azure: HID: betop: check shape of output reports</issue>
<issue id="1207878" tracker="bnc">[ENA] Back port DMA buffer fix in distros</issue>
<issue id="1209262" tracker="bnc">mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath()</issue>
<issue id="1209547" tracker="bnc">VUL-0: CVE-2017-5753: kernel-source,kernel-source-rt,kernel-source-azure: Upstream reports spectre V1 vulnerability on netlink</issue>
<issue id="1209788" tracker="bnc">VUL-0: CVE-2023-1652: kernel-source-azure,kernel-source,kernel-source-rt: use-after-free in nfsd4_ssc_setup_dul() in fs/nfsd/nfs4proc.c</issue>
<issue id="1210647" tracker="bnc">VUL-0: CVE-2023-2162: kernel-source-rt,kernel-source,kernel-source-azure: UAF during login when accessing the shost ipaddress</issue>
<issue id="1213167" tracker="bnc">VUL-0: CVE-2023-3567: kernel-source,kernel-source-rt,kernel-source-azure: use after free in vcs_read() in the vc_screen driver due to race condition</issue>
<issue id="1225742" tracker="bnc">VUL-0: CVE-2024-36905: kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets</issue>
<issue id="1231375" tracker="bnc">Fix pointer-leak due to insufficient speculative store bypass mitigation in BPF verifier</issue>
<issue id="1233479" tracker="bnc">VUL-0: CVE-2024-50290: kernel: media: cx24116: prevent overflows on SNR calculus</issue>
<issue id="1233557" tracker="bnc">VUL-0: CVE-2024-53063: kernel: media: dvbdev: prevent the risk of out of memory access</issue>
<issue id="1233558" tracker="bnc">VUL-0: CVE-2024-53064: kernel: idpf: fix idpf_vc_core_init error path</issue>
<issue id="1234464" tracker="bnc">Partner-L3: IDPF - Possible crashes on reset fixed upstream</issue>
<issue id="1235528" tracker="bnc">VUL-0: CVE-2024-56651: kernel: can: hi311x: hi3110_can_ist(): fix potential use-after-free</issue>
<issue id="1237029" tracker="bnc">VUL-0: CVE-2025-21693: kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug</issue>
<issue id="1237530" tracker="bnc">cpuidle driver in virtualized environments - SLES12 = NONE, SLES15=acpi_idle</issue>
<issue id="1237875" tracker="bnc">VUL-0: CVE-2025-21753: kernel: btrfs: fix use-after-free when attempting to join an aborted transaction</issue>
<issue id="1237877" tracker="bnc">VUL-0: CVE-2025-21732: kernel: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error</issue>
<issue id="1237890" tracker="bnc">VUL-0: CVE-2025-21714: kernel: RDMA/mlx5: Fix implicit ODP use after free</issue>
<issue id="1237918" tracker="bnc">VUL-0: CVE-2022-49053: kernel: scsi: target: tcmu: Fix possible page UAF</issue>
<issue id="1238911" tracker="bnc">VUL-0: CVE-2025-21772: kernel: partitions: mac: fix handling of bogus partition table</issue>
<issue id="1238919" tracker="bnc">VUL-0: CVE-2022-49465: kernel: blk-throttle: set BIO_THROTTLED when bio has been throttled</issue>
<issue id="1239016" tracker="bnc">net: mana: Allow variable size indirection table</issue>
<issue id="1239036" tracker="bnc">VUL-0: CVE-2024-58083: kernel: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()</issue>
<issue id="1239061" tracker="bnc">VUL-0: CVE-2025-21839: kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop</issue>
<issue id="1239126" tracker="bnc">Multiple nodes are crashing in the compaction path of the kernel.</issue>
<issue id="1239452" tracker="bnc">VUL-0: CVE-2022-49650: kernel: dmaengine: qcom: bam_dma: fix runtime PM underflow</issue>
<issue id="1239454" tracker="bnc">VUL-0: CVE-2022-49293: kernel: netfilter: nf_tables: initialize registers in nft_do_chain()</issue>
<issue id="1239968" tracker="bnc">fstests btrfs/325 fails on SLE15-SP4</issue>
<issue id="1239969" tracker="bnc">fstests btrfs/322 fails on SLE15-SP4</issue>
<issue id="1240133" tracker="bnc">net: mana: Support holes in device list reply msg</issue>
<issue id="1240195" tracker="bnc">fix error handling in mana_create_txq/rxq's NAPI cleanup</issue>
<issue id="1240205" tracker="bnc">VUL-0: CVE-2021-4454: kernel: can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate</issue>
<issue id="1240207" tracker="bnc">VUL-0: CVE-2022-49739: kernel: gfs2: Always check inode size of inline inodes</issue>
<issue id="1240208" tracker="bnc">VUL-0: CVE-2023-53006: kernel: cifs: Fix oops due to uncleared server->smbd_conn in reconnect</issue>
<issue id="1240210" tracker="bnc">VUL-0: CVE-2023-53033: kernel: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits</issue>
<issue id="1240212" tracker="bnc">VUL-0: CVE-2023-53028: kernel: Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"</issue>
<issue id="1240213" tracker="bnc">VUL-0: CVE-2023-52974: kernel: scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress</issue>
<issue id="1240218" tracker="bnc">VUL-0: CVE-2023-52973: kernel: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF</issue>
<issue id="1240220" tracker="bnc">VUL-0: CVE-2023-53029: kernel: octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt</issue>
<issue id="1240227" tracker="bnc">VUL-0: CVE-2023-53000: kernel: netlink: prevent potential spectre v1 gadgets</issue>
<issue id="1240229" tracker="bnc">VUL-0: CVE-2023-53007: kernel: tracing: Make sure trace_printk() can output as soon as it can be used</issue>
<issue id="1240231" tracker="bnc">VUL-0: CVE-2023-52939: kernel: mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath()</issue>
<issue id="1240242" tracker="bnc">VUL-0: CVE-2022-49746: kernel: dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init</issue>
<issue id="1240245" tracker="bnc">VUL-0: CVE-2022-49759: kernel: VMCI: Use threaded irqs instead of tasklets</issue>
<issue id="1240247" tracker="bnc">VUL-0: CVE-2022-49755: kernel: usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait</issue>
<issue id="1240250" tracker="bnc">VUL-0: CVE-2022-49753: kernel: dmaengine: Fix double increment of client_count in dma_chan_get()</issue>
<issue id="1240254" tracker="bnc">VUL-0: CVE-2022-49751: kernel: w1: fix WARNING after calling w1_process()</issue>
<issue id="1240256" tracker="bnc">VUL-0: CVE-2022-49748: kernel: perf/x86/amd: fix potential integer overflow on shift of a int</issue>
<issue id="1240264" tracker="bnc">VUL-0: CVE-2023-53025: kernel: NFSD: fix use-after-free in nfsd4_ssc_setup_dul()</issue>
<issue id="1240266" tracker="bnc">VUL-0: CVE-2023-52989: kernel: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region</issue>
<issue id="1240272" tracker="bnc">VUL-0: CVE-2023-53024: kernel: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation</issue>
<issue id="1240275" tracker="bnc">VUL-0: CVE-2023-52933: kernel: Squashfs: fix handling and sanity checking of xattr_ids count</issue>
<issue id="1240276" tracker="bnc">VUL-0: CVE-2023-52935: kernel: mm/khugepaged: fix ->anon_vma race</issue>
<issue id="1240278" tracker="bnc">VUL-0: CVE-2023-53005: kernel: trace_events_hist: add check for return value of 'create_hist_field'</issue>
<issue id="1240279" tracker="bnc">VUL-0: CVE-2023-52984: kernel: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices</issue>
<issue id="1240280" tracker="bnc">VUL-0: CVE-2023-52941: kernel: can: isotp: split tx timer into transmission and timeout</issue>
<issue id="1240281" tracker="bnc">VUL-0: CVE-2023-53016: kernel: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change</issue>
<issue id="1240282" tracker="bnc">VUL-0: CVE-2023-52979: kernel: squashfs: harden sanity check in squashfs_read_xattr_id_table</issue>
<issue id="1240283" tracker="bnc">VUL-0: CVE-2023-52976: kernel: efi: fix potential NULL deref in efi_mem_reserve_persistent</issue>
<issue id="1240284" tracker="bnc">VUL-0: CVE-2023-52983: kernel: block, bfq: fix uaf for bfqq in bic_set_bfqq()</issue>
<issue id="1240286" tracker="bnc">VUL-0: CVE-2023-53019: kernel: net: mdio: validate parameter addr in mdiobus_get_phy()</issue>
<issue id="1240288" tracker="bnc">VUL-0: CVE-2023-53015: kernel: HID: betop: check shape of output reports</issue>
<issue id="1240290" tracker="bnc">VUL-0: CVE-2023-53010: kernel: bnxt: Do not read past the end of test names</issue>
<issue id="1240292" tracker="bnc">VUL-0: CVE-2023-53030: kernel: octeontx2-pf: Avoid use of GFP_KERNEL in atomic context</issue>
<issue id="1240293" tracker="bnc">VUL-0: CVE-2023-52988: kernel: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()</issue>
<issue id="1240297" tracker="bnc">VUL-0: CVE-2023-52993: kernel: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL</issue>
<issue id="1240304" tracker="bnc">VUL-0: CVE-2023-52930: kernel: drm/i915: Fix potential bit_17 double-free</issue>
<issue id="1240308" tracker="bnc">VUL-0: CVE-2023-53026: kernel: RDMA/core: Fix ib block iterator counter overflow</issue>
<issue id="1240309" tracker="bnc">VUL-0: CVE-2023-53023: kernel: net: nfc: Fix use-after-free in local_cleanup()</issue>
<issue id="1240317" tracker="bnc">VUL-0: CVE-2023-52992: kernel: bpf: Skip task with pid=1 in send_signal_common()</issue>
<issue id="1240318" tracker="bnc">VUL-0: CVE-2023-53008: kernel: cifs: fix potential memory leaks in session setup</issue>
<issue id="1240322" tracker="bnc">VUL-0: CVE-2023-52975: kernel: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress</issue>
<issue id="2017-5753" tracker="cve" />
<issue id="2021-4454" tracker="cve" />
<issue id="2022-1016" tracker="cve" />
<issue id="2022-49053" tracker="cve" />
<issue id="2022-49293" tracker="cve" />
<issue id="2022-49465" tracker="cve" />
<issue id="2022-49650" tracker="cve" />
<issue id="2022-49739" tracker="cve" />
<issue id="2022-49746" tracker="cve" />
<issue id="2022-49748" tracker="cve" />
<issue id="2022-49751" tracker="cve" />
<issue id="2022-49753" tracker="cve" />
<issue id="2022-49755" tracker="cve" />
<issue id="2022-49759" tracker="cve" />
<issue id="2023-0179" tracker="cve" />
<issue id="2023-1652" tracker="cve" />
<issue id="2023-2162" tracker="cve" />
<issue id="2023-3567" tracker="cve" />
<issue id="2023-52930" tracker="cve" />
<issue id="2023-52933" tracker="cve" />
<issue id="2023-52935" tracker="cve" />
<issue id="2023-52939" tracker="cve" />
<issue id="2023-52941" tracker="cve" />
<issue id="2023-52973" tracker="cve" />
<issue id="2023-52974" tracker="cve" />
<issue id="2023-52975" tracker="cve" />
<issue id="2023-52976" tracker="cve" />
<issue id="2023-52979" tracker="cve" />
<issue id="2023-52983" tracker="cve" />
<issue id="2023-52984" tracker="cve" />
<issue id="2023-52988" tracker="cve" />
<issue id="2023-52989" tracker="cve" />
<issue id="2023-52992" tracker="cve" />
<issue id="2023-52993" tracker="cve" />
<issue id="2023-53000" tracker="cve" />
<issue id="2023-53005" tracker="cve" />
<issue id="2023-53006" tracker="cve" />
<issue id="2023-53007" tracker="cve" />
<issue id="2023-53008" tracker="cve" />
<issue id="2023-53010" tracker="cve" />
<issue id="2023-53015" tracker="cve" />
<issue id="2023-53016" tracker="cve" />
<issue id="2023-53019" tracker="cve" />
<issue id="2023-53023" tracker="cve" />
<issue id="2023-53024" tracker="cve" />
<issue id="2023-53025" tracker="cve" />
<issue id="2023-53026" tracker="cve" />
<issue id="2023-53028" tracker="cve" />
<issue id="2023-53029" tracker="cve" />
<issue id="2023-53030" tracker="cve" />
<issue id="2023-53033" tracker="cve" />
<issue id="2024-50290" tracker="cve" />
<issue id="2024-53063" tracker="cve" />
<issue id="2024-53064" tracker="cve" />
<issue id="2024-56651" tracker="cve" />
<issue id="2024-58083" tracker="cve" />
<issue id="2025-21693" tracker="cve" />
<issue id="2025-21714" tracker="cve" />
<issue id="2025-21732" tracker="cve" />
<issue id="2025-21753" tracker="cve" />
<issue id="2025-21772" tracker="cve" />
<issue id="2025-21839" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>alix82</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
- CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
- CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
- CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
- CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21714: RDMA/mlx5: Fix implicit ODP use after free (bsc#1237890).
- CVE-2025-21732: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (bsc#1237877).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
The following non-security bugs were fixed:
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mana_ib: Use v2 version of cfg_rx_steer_req to enable RX coalescing (bsc#1239016).
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- btrfs: defrag: do not use merged extent map for their generation check (bsc#1239968).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1239968).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1239968).
- btrfs: send: allow cloning non-aligned extent if it ends at i_size (bsc#1239969).
- btrfs: send: fix invalid clone operation for file that got its size decreased (bsc#1239969).
- gfs2: Fix inode height consistency check (git-fixes).
- mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() (bsc#1239126).
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (bsc#1240195).
- net: mana: Support holes in device list reply msg (bsc#1240133).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
