File _patchinfo of Package patchinfo.38685
<patchinfo incident="38685">
<issue id="1054914" tracker="bnc">SLES 15 - Additional patches for POWER9 Hardware Counter Support</issue>
<issue id="1206843" tracker="bnc">Lenovo T14s Gen3 AMD resume from sleep broken</issue>
<issue id="1210409" tracker="bnc">fscache: Use wait_on_bit() to wait for the freeing of relinquished volume</issue>
<issue id="1225903" tracker="bnc">bpf: backport of iterator and callback handling fixes</issue>
<issue id="1229361" tracker="bnc">VUL-0: CVE-2024-42307: kernel: cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path</issue>
<issue id="1229621" tracker="bnc">VUL-0: CVE-2022-48933: kernel: netfilter: nf_tables: fix memory leak during stateful obj update</issue>
<issue id="1230764" tracker="bnc">VUL-0: CVE-2024-46763: kernel: fou: Fix null-ptr-deref in GRO.</issue>
<issue id="1231103" tracker="bnc">VUL-0: CVE-2024-46865: kernel: fou: fix initialization of grc</issue>
<issue id="1231910" tracker="bnc">VUL-0: CVE-2024-50038: kernel: netfilter: xtables: avoid NFPROTO_UNSPEC where needed</issue>
<issue id="1236777" tracker="bnc">L3: Missing boost control on AMD Genoa platform with the amd-pstate driver in SLE 15 SP5 [ref:_00D1igLOd._500TrSkcwi:ref]</issue>
<issue id="1237981" tracker="bnc">VUL-0: CVE-2022-49110: kernel: netfilter: conntrack: revisit gc autotuning</issue>
<issue id="1238032" tracker="bnc">VUL-0: CVE-2022-49139: kernel: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt</issue>
<issue id="1238471" tracker="bnc">VUL-0: CVE-2025-21812: kernel: ax25: rcu protect dev->ax25_ptr</issue>
<issue id="1238512" tracker="bnc">VUL-0: CVE-2025-21791: kernel: vrf: use RCU protection in l3mdev_l3_out()</issue>
<issue id="1238747" tracker="bnc">VUL-0: CVE-2025-21785: kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array</issue>
<issue id="1238865" tracker="bnc">VUL-0: CVE-2025-21726: kernel: padata: avoid UAF for reorder_work</issue>
<issue id="1239061" tracker="bnc">VUL-0: CVE-2025-21839: kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop</issue>
<issue id="1239684" tracker="bnc">VUL-0: CVE-2025-2312: kernel: cifs-utils: cifs.upcall makes an upcall to the wrong namespace in containerized environments while trying to get Kerberos credentials</issue>
<issue id="1239968" tracker="bnc">fstests btrfs/325 fails on SLE15-SP4</issue>
<issue id="1240209" tracker="bnc">VUL-0: CVE-2023-52937: kernel: HV: hv_balloon: fix memory leak with using debugfs_lookup()</issue>
<issue id="1240211" tracker="bnc">VUL-0: CVE-2023-53018: kernel: Bluetooth: hci_conn: Fix memory leaks</issue>
<issue id="1240214" tracker="bnc">VUL-0: CVE-2023-52982: kernel: fscache: Use wait_on_bit() to wait for the freeing of relinquished volume</issue>
<issue id="1240228" tracker="bnc">VUL-0: CVE-2023-52938: kernel: usb: typec: ucsi: Don't attempt to resume the ports before they exist</issue>
<issue id="1240230" tracker="bnc">VUL-0: CVE-2023-53002: kernel: drm/i915: Fix a memory leak with reused mmap_offset</issue>
<issue id="1240246" tracker="bnc">VUL-0: CVE-2022-49745: kernel: fpga: m10bmc-sec: Fix probe rollback</issue>
<issue id="1240248" tracker="bnc">VUL-0: CVE-2023-52928: kernel: bpf: Skip invalid kfunc call in backtrack_insn</issue>
<issue id="1240269" tracker="bnc">VUL-0: CVE-2023-52994: kernel: acpi: Fix suspend with Xen PV</issue>
<issue id="1240271" tracker="bnc">VUL-0: CVE-2023-52931: kernel: drm/i915: Avoid potential vm use-after-free</issue>
<issue id="1240274" tracker="bnc">VUL-0: CVE-2023-52981: kernel: drm/i915: Fix request ref counting during error capture & debugfs dump</issue>
<issue id="1240285" tracker="bnc">VUL-0: CVE-2023-53031: kernel: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section</issue>
<issue id="1240295" tracker="bnc">VUL-0: CVE-2023-53014: kernel: dmaengine: tegra: Fix memory leak in terminate_all()</issue>
<issue id="1240306" tracker="bnc">VUL-0: CVE-2023-52986: kernel: bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener</issue>
<issue id="1240314" tracker="bnc">VUL-0: CVE-2023-53009: kernel: drm/amdkfd: Add sync after creating vram bo</issue>
<issue id="1240315" tracker="bnc">VUL-0: CVE-2023-53001: kernel: drm/drm_vma_manager: Add drm_vma_node_allow_once()</issue>
<issue id="1240321" tracker="bnc">VUL-0: CVE-2023-52936: kernel: kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup()</issue>
<issue id="1240747" tracker="bnc">VUL-0: CVE-2022-49741: kernel: fbdev: smscufx: memory leak due to error handling code in ufx_usb_probe</issue>
<issue id="1240835" tracker="bnc">VUL-0: CVE-2025-22004: kernel: net: atm: fix use after free in lec_send()</issue>
<issue id="1241280" tracker="bnc">VUL-0: CVE-2025-22020: kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove</issue>
<issue id="1241371" tracker="bnc">VUL-0: CVE-2025-22055: kernel: net: fix geneve_opt length integer overflow</issue>
<issue id="1241421" tracker="bnc">VUL-0: CVE-2021-47671: kernel: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path</issue>
<issue id="1241433" tracker="bnc">VUL-0: CVE-2025-22045: kernel: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs</issue>
<issue id="1241541" tracker="bnc">VUL-0: CVE-2025-22097: kernel: drm/vkms: fix use after free and double free on init error</issue>
<issue id="1241625" tracker="bnc">VUL-0: CVE-2025-39735: kernel: jfs: fix slab-out-of-bounds read in ea_get()</issue>
<issue id="1241648" tracker="bnc">VUL-0: CVE-2025-23138: kernel: watch_queue: fix pipe accounting mismatch</issue>
<issue id="1242284" tracker="bnc">VUL-0: CVE-2023-53051: kernel: dm crypt: add cond_resched() to dmcrypt_write()</issue>
<issue id="1242493" tracker="bnc">VUL-0: CVE-2022-49767: kernel: 9p/trans_fd: always use O_NONBLOCK read/write</issue>
<issue id="1242778" tracker="bnc">VUL-0: kernel: cBPF issue</issue>
<issue id="2021-47671" tracker="cve" />
<issue id="2022-48933" tracker="cve" />
<issue id="2022-49110" tracker="cve" />
<issue id="2022-49139" tracker="cve" />
<issue id="2022-49741" tracker="cve" />
<issue id="2022-49745" tracker="cve" />
<issue id="2022-49767" tracker="cve" />
<issue id="2023-52928" tracker="cve" />
<issue id="2023-52931" tracker="cve" />
<issue id="2023-52936" tracker="cve" />
<issue id="2023-52937" tracker="cve" />
<issue id="2023-52938" tracker="cve" />
<issue id="2023-52981" tracker="cve" />
<issue id="2023-52982" tracker="cve" />
<issue id="2023-52986" tracker="cve" />
<issue id="2023-52994" tracker="cve" />
<issue id="2023-53001" tracker="cve" />
<issue id="2023-53002" tracker="cve" />
<issue id="2023-53009" tracker="cve" />
<issue id="2023-53014" tracker="cve" />
<issue id="2023-53018" tracker="cve" />
<issue id="2023-53031" tracker="cve" />
<issue id="2023-53051" tracker="cve" />
<issue id="2024-42307" tracker="cve" />
<issue id="2024-46763" tracker="cve" />
<issue id="2024-46865" tracker="cve" />
<issue id="2024-50038" tracker="cve" />
<issue id="2025-21726" tracker="cve" />
<issue id="2025-21785" tracker="cve" />
<issue id="2025-21791" tracker="cve" />
<issue id="2025-21812" tracker="cve" />
<issue id="2025-21839" tracker="cve" />
<issue id="2025-22004" tracker="cve" />
<issue id="2025-22020" tracker="cve" />
<issue id="2025-22045" tracker="cve" />
<issue id="2025-22055" tracker="cve" />
<issue id="2025-22097" tracker="cve" />
<issue id="2025-2312" tracker="cve" />
<issue id="2025-23138" tracker="cve" />
<issue id="2025-39735" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>tabraham1</packager>
<reboot_needed/>
<description>The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48933: netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1229621).
- CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981).
- CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032).
- CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493).
- CVE-2024-46763: fou: Fix null-ptr-deref in GRO (bsc#1230764).
- CVE-2024-50038: netfilter: xtables: avoid NFPROTO_UNSPEC where needed (bsc#1231910).
- CVE-2025-21726: padata: avoid UAF for reorder_work (bsc#1238865).
- CVE-2025-21785: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (bsc#1238747).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21839: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (bsc#1239061).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22020: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (bsc#1241280).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22097: drm/vkms: Fix use after free and double free on init error (bsc#1241541).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-39735: jfs: fix slab-out-of-bounds read in ea_get() (bsc#1241625).
The following non-security bugs were fixed:
- cpufreq: ACPI: Mark boost policy as enabled when setting boost (bsc#1236777).
- cpufreq: Allow drivers to advertise boost enabled (bsc#1236777).
- cpufreq: Fix per-policy boost behavior on SoCs using cpufreq_boost_set_sw() (bsc#1236777).
- cpufreq: Support per-policy performance boost (bsc#1236777).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
