File _patchinfo of Package patchinfo.39045
<patchinfo incident="39045"> <issue id="1154353" tracker="bnc">Update skb/net-sched kernel API</issue> <issue id="1170891" tracker="bnc">[openQA][blktests][loop/001] test fails for PowerVM and x86_64</issue> <issue id="1173139" tracker="bnc">SLES 15 SP2 GMC - IOCTL BLKRRPART broken - patch missing</issue> <issue id="1184350" tracker="bnc">SLES 15 SP3 - LPAR network did not come up after 10minutes during lpm test: (ibmvnic) (HANA)</issue> <issue id="1184611" tracker="bnc">VUL-0: CVE-2021-32399: kernel-source: Race condition vulnerability in Linux BlueTooth subsystem</issue> <issue id="1185010" tracker="bnc">NXP i.MX8MM missing kernel modules in initrd</issue> <issue id="1190358" tracker="bnc">kernel-azure fails to build in update project</issue> <issue id="1190428" tracker="bnc">kernel -extra subpackage contains no modules</issue> <issue id="1201644" tracker="bnc">Kernel crashes on Dell PowerEdge R340 and R440 after latest kernel upgrade</issue> <issue id="1201664" tracker="bnc">kernel 5.3.18-150300.59.81-default is continuously crashing on Supermicro X11DPU-Z+ (Intel Skylake SP)</issue> <issue id="1201672" tracker="bnc">bad RIP value - kernel NULL pointer dereference address 0000000000000000</issue> <issue id="1201673" tracker="bnc">buggy kernel 5.3.18-150300.59.81 on SLES15-SP3 keeps crashing</issue> <issue id="1201676" tracker="bnc">crashes on new 15-sp3 kernel (retbleed fallout?)</issue> <issue id="1206073" tracker="bnc">VUL-0: CVE-2022-3564: kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c</issue> <issue id="1206649" tracker="bnc">[PATCH] udf: Fix a slab-out-of-bounds write bug in udf_find_entry()</issue> <issue id="1206886" tracker="bnc">[PATCH] ext4: fix BUG_ON() when directory entry has invalid rec_len</issue> <issue id="1206887" tracker="bnc">[PATCH] ext4: fix warning in 'ext4_da_release_space'</issue> <issue id="1207198" tracker="bnc">ceph: avoid putting the realm twice when decoding snaps fails</issue> <issue id="1210337" tracker="bnc">VUL-0: CVE-2023-1990: kernel: Use after free bug in ndlc_remove due to race condition</issue> <issue id="1213476" tracker="bnc">L3: cifs.ko - CIFS VFS: leaving cifs_get_tcon (xid = 2074919) rc = -2</issue> <issue id="1232649" tracker="bnc">VUL-0: kernel: phram module allows circumvention of lockdown mode</issue> <issue id="1234887" tracker="bnc">VUL-0: CVE-2024-53168: kernel: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket</issue> <issue id="1235100" tracker="bnc">VUL-0: CVE-2024-56558: kernel: nfsd: make sure exp active before svc_export_show</issue> <issue id="1235568" tracker="bnc">VUL-0: CVE-2024-56705: kernel: media: atomisp: add check for rgby_data memory allocation failure</issue> <issue id="1237981" tracker="bnc">VUL-0: CVE-2022-49110: kernel: netfilter: conntrack: revisit gc autotuning</issue> <issue id="1238032" tracker="bnc">VUL-0: CVE-2022-49139: kernel: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt</issue> <issue id="1238394" tracker="bnc">VUL-0: CVE-2022-49320: kernel: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type</issue> <issue id="1238471" tracker="bnc">VUL-0: CVE-2025-21812: kernel: ax25: rcu protect dev->ax25_ptr</issue> <issue id="1240802" tracker="bnc">VUL-0: CVE-2025-21999: kernel: proc: fix UAF in proc_get_inode()</issue> <issue id="1241362" tracker="bnc">VUL-0: CVE-2025-22028: kernel: media: vimc: skip .s_stream() for stopped entities</issue> <issue id="1241593" tracker="bnc">VUL-0: CVE-2025-22121: kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()</issue> <issue id="1241637" tracker="bnc">VUL-0: CVE-2025-40364: kernel: io_uring: fix io_req_prep_async with provided buffers</issue> <issue id="1242145" tracker="bnc">VUL-0: CVE-2020-36790: kernel: nvmet: fix a memory leak</issue> <issue id="1242147" tracker="bnc">VUL-0: CVE-2022-49772: kernel: ALSA: usb-audio: drop snd_BUG_ON() from snd_usbmidi_output_open()</issue> <issue id="1242150" tracker="bnc">VUL-0: CVE-2022-49830: kernel: drm/drv: fix potential memory leak in drm_dev_init()</issue> <issue id="1242154" tracker="bnc">VUL-0: CVE-2022-49832: kernel: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map</issue> <issue id="1242215" tracker="bnc">VUL-0: CVE-2023-53106: kernel: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition</issue> <issue id="1242232" tracker="bnc">VUL-0: CVE-2022-49777: kernel: Input: i8042 - fix leaking of platform device on module removal</issue> <issue id="1242245" tracker="bnc">VUL-0: CVE-2022-49775: kernel: tcp: cdg: allow tcp_cdg_release() to be called multiple times</issue> <issue id="1242264" tracker="bnc">VUL-0: CVE-2022-49799: kernel: tracing: Fix wild-memory-access in register_synth_event()</issue> <issue id="1242270" tracker="bnc">VUL-0: CVE-2022-49802: kernel: ftrace: Fix null pointer dereference in ftrace_add_mod()</issue> <issue id="1242352" tracker="bnc">VUL-0: CVE-2022-49787: kernel: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()</issue> <issue id="1242353" tracker="bnc">VUL-0: CVE-2022-49788: kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()</issue> <issue id="1242355" tracker="bnc">VUL-0: CVE-2022-49836: kernel: siox: fix possible memory leak in siox_device_add()</issue> <issue id="1242366" tracker="bnc">VUL-0: CVE-2022-49789: kernel: scsi: zfcp: Fix double free of FSF request when qdio send fails</issue> <issue id="1242378" tracker="bnc">VUL-0: CVE-2022-49922: kernel: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()</issue> <issue id="1242385" tracker="bnc">VUL-0: CVE-2022-49835: kernel: ALSA: hda: fix potential memleak in 'add_widget_node'</issue> <issue id="1242387" tracker="bnc">VUL-0: CVE-2022-49790: kernel: Input: iforce - invert valid length check when fetching device IDs</issue> <issue id="1242391" tracker="bnc">VUL-0: CVE-2022-49793: kernel: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()</issue> <issue id="1242392" tracker="bnc">VUL-0: CVE-2022-49794: kernel: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()</issue> <issue id="1242402" tracker="bnc">VUL-0: CVE-2022-49809: kernel: net/x25: Fix skb leak in x25_lapb_receive_frame()</issue> <issue id="1242409" tracker="bnc">VUL-0: CVE-2022-49915: kernel: mISDN: fix possible memory leak in mISDN_register_device()</issue> <issue id="1242416" tracker="bnc">VUL-0: CVE-2022-49927: kernel: nfs4: Fix kmemleak when allocate slot failed</issue> <issue id="1242440" tracker="bnc">VUL-0: CVE-2022-49769: kernel: gfs2: Check sb_bsize_shift after reading superblock</issue> <issue id="1242443" tracker="bnc">VUL-0: CVE-2022-49839: kernel: scsi: scsi_transport_sas: Fix error handling in sas_phy_add()</issue> <issue id="1242449" tracker="bnc">VUL-0: CVE-2022-49892: kernel: ftrace: Fix use-after-free for dynamic ftrace_ops</issue> <issue id="1242452" tracker="bnc">VUL-0: CVE-2022-49910: kernel: Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu</issue> <issue id="1242455" tracker="bnc">VUL-0: CVE-2022-49889: kernel: ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()</issue> <issue id="1242464" tracker="bnc">VUL-0: CVE-2022-49906: kernel: ibmvnic: Free rwi on reset success</issue> <issue id="1242473" tracker="bnc">VUL-0: CVE-2022-49841: kernel: serial: imx: Add missing .thaw_noirq hook</issue> <issue id="1242481" tracker="bnc">VUL-0: CVE-2022-49881: kernel: wifi: cfg80211: fix memory leak in query_regdb_file()</issue> <issue id="1242484" tracker="bnc">VUL-0: CVE-2022-49842: kernel: ASoC: core: Fix use-after-free in snd_soc_exit()</issue> <issue id="1242493" tracker="bnc">VUL-0: CVE-2022-49767: kernel: 9p/trans_fd: always use O_NONBLOCK read/write</issue> <issue id="1242527" tracker="bnc">VUL-0: CVE-2022-49818: kernel: mISDN: fix misuse of put_device() in mISDN_register_device()</issue> <issue id="1242542" tracker="bnc">VUL-0: CVE-2022-49821: kernel: mISDN: fix possible memory leak in mISDN_dsp_element_register()</issue> <issue id="1242545" tracker="bnc">VUL-0: CVE-2022-49823: kernel: ata: libata-transport: fix error handling in ata_tdev_add()</issue> <issue id="1242547" tracker="bnc">VUL-0: CVE-2022-49824: kernel: ata: libata-transport: fix error handling in ata_tlink_add()</issue> <issue id="1242548" tracker="bnc">VUL-0: CVE-2022-49825: kernel: ata: libata-transport: fix error handling in ata_tport_add()</issue> <issue id="1242549" tracker="bnc">VUL-0: CVE-2022-49826: kernel: ata: libata-transport: fix double ata_host_put() in ata_tport_add()</issue> <issue id="1242551" tracker="bnc">VUL-0: CVE-2022-49870: kernel: capabilities: fix undefined behavior in bit shift for CAP_TO_MASK</issue> <issue id="1242580" tracker="bnc">VUL-0: CVE-2022-49861: kernel: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()</issue> <issue id="1242597" tracker="bnc">VUL-0: CVE-2022-49770: kernel: ceph: avoid putting the realm twice when decoding snaps fails</issue> <issue id="1242686" tracker="bnc">VUL-0: CVE-2022-49771: kernel: dm ioctl: fix misbehavior if list_versions races with module loading</issue> <issue id="1242689" tracker="bnc">VUL-0: CVE-2022-49827: kernel: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()</issue> <issue id="1242716" tracker="bnc">VUL-0: CVE-2022-49846: kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry()</issue> <issue id="1242733" tracker="bnc">VUL-0: CVE-2022-49879: kernel: ext4: fix BUG_ON() when directory entry has invalid rec_len</issue> <issue id="1242734" tracker="bnc">VUL-0: CVE-2022-49880: kernel: ext4: fix warning in 'ext4_da_release_space'</issue> <issue id="1242736" tracker="bnc">VUL-0: CVE-2022-49887: kernel: media: meson: vdec: fix possible refcount leak in vdec_probe()</issue> <issue id="1242745" tracker="bnc">VUL-0: CVE-2023-53039: kernel: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function</issue> <issue id="1242749" tracker="bnc">VUL-0: CVE-2023-53052: kernel: cifs: fix use-after-free bug in refresh_cache_worker()</issue> <issue id="1242762" tracker="bnc">VUL-0: CVE-2025-37789: kernel: net: openvswitch: fix nested key length validation in the set() action</issue> <issue id="1242835" tracker="bnc">VUL-0: CVE-2020-36791: kernel: net_sched: keep alloc_hash updated after hash allocation</issue> <issue id="1242963" tracker="bnc">VUL-0: CVE-2025-37846: kernel: arm64: mops: Do not dereference src reg for a set operation</issue> <issue id="1243919" tracker="bnc">kernel-debug exists</issue> <issue id="2020-36790" tracker="cve" /> <issue id="2020-36791" tracker="cve" /> <issue id="2021-32399" tracker="cve" /> <issue id="2022-3564" tracker="cve" /> <issue id="2022-49110" tracker="cve" /> <issue id="2022-49139" tracker="cve" /> <issue id="2022-49320" tracker="cve" /> <issue id="2022-49767" tracker="cve" /> <issue id="2022-49769" tracker="cve" /> <issue id="2022-49770" tracker="cve" /> <issue id="2022-49771" tracker="cve" /> <issue id="2022-49772" tracker="cve" /> <issue id="2022-49775" tracker="cve" /> <issue id="2022-49777" tracker="cve" /> <issue id="2022-49787" tracker="cve" /> <issue id="2022-49788" tracker="cve" /> <issue id="2022-49789" tracker="cve" /> <issue id="2022-49790" tracker="cve" /> <issue id="2022-49793" tracker="cve" /> <issue id="2022-49794" tracker="cve" /> <issue id="2022-49799" tracker="cve" /> <issue id="2022-49802" tracker="cve" /> <issue id="2022-49809" tracker="cve" /> <issue id="2022-49818" tracker="cve" /> <issue id="2022-49821" tracker="cve" /> <issue id="2022-49823" tracker="cve" /> <issue id="2022-49824" tracker="cve" /> <issue id="2022-49825" tracker="cve" /> <issue id="2022-49826" tracker="cve" /> <issue id="2022-49827" tracker="cve" /> <issue id="2022-49830" tracker="cve" /> <issue id="2022-49832" tracker="cve" /> <issue id="2022-49835" tracker="cve" /> <issue id="2022-49836" tracker="cve" /> <issue id="2022-49839" tracker="cve" /> <issue id="2022-49841" tracker="cve" /> <issue id="2022-49842" tracker="cve" /> <issue id="2022-49846" tracker="cve" /> <issue id="2022-49861" tracker="cve" /> <issue id="2022-49870" tracker="cve" /> <issue id="2022-49879" tracker="cve" /> <issue id="2022-49880" tracker="cve" /> <issue id="2022-49881" tracker="cve" /> <issue id="2022-49887" tracker="cve" /> <issue id="2022-49889" tracker="cve" /> <issue id="2022-49892" tracker="cve" /> <issue id="2022-49906" tracker="cve" /> <issue id="2022-49910" tracker="cve" /> <issue id="2022-49915" tracker="cve" /> <issue id="2022-49922" tracker="cve" /> <issue id="2022-49927" tracker="cve" /> <issue id="2023-1990" tracker="cve" /> <issue id="2023-53039" tracker="cve" /> <issue id="2023-53052" tracker="cve" /> <issue id="2023-53106" tracker="cve" /> <issue id="2024-53168" tracker="cve" /> <issue id="2024-56558" tracker="cve" /> <issue id="2024-56705" tracker="cve" /> <issue id="2025-21812" tracker="cve" /> <issue id="2025-21999" tracker="cve" /> <issue id="2025-22028" tracker="cve" /> <issue id="2025-22121" tracker="cve" /> <issue id="2025-37789" tracker="cve" /> <issue id="2025-37846" tracker="cve" /> <issue id="2025-40364" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>alix82</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-32399: Fixed a race condition when removing the HCI controller (bsc#1184611). - CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981). - CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032). - CVE-2022-49320: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (bsc#1238394). - CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493). - CVE-2022-49769: gfs2: Check sb_bsize_shift after reading superblock (bsc#1242440). - CVE-2022-49770: ceph: avoid putting the realm twice when decoding snaps fails (bsc#1242597). - CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245). - CVE-2022-49789: scsi: zfcp: Fix double free of FSF request when qdio send fails (bsc#1242366). - CVE-2023-53039: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (bsc#1242745). - CVE-2024-53168: net: make sock_inuse_add() available (bsc#1234887). - CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1235100). - CVE-2024-56705: media: atomisp: add check for rgby_data memory allocation failure (bsc#1235568). - CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471). - CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802). - CVE-2025-22028: media: vimc: skip .s_stream() for stopped entities (bsc#1241362). - CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593). - CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762). - CVE-2025-37846: arm64: mops: Do not dereference src reg for a set operation (bsc#1242963). - CVE-2025-40364: io_uring: fix io_req_prep_async with provided buffers (bsc#1241637). The following non-security bugs were fixed: - blk: Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139). - x86/entry: Remove skip_r11rcx (bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676). - HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (bsc#1242745) - kernel: Remove debug flavor (bsc#1243919). - devm-helpers: Add resource managed version of work init (bsc#1242745). - rpm: fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358). - mtd: phram: Add the kernel lock down check (bsc#1232649). - ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes). - usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). - usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git-fixes). - workqueue: Add resource managed version of delayed work init (bsc#1242745) </description> <!-- inserted by gitlab@gitlab.suse.de:security/tools.git/auto_maintenance.pl --> <releasetarget project="SUSE:Updates:Storage:7.1:x86_64"/> <releasetarget project="SUSE:Updates:Storage:7.1:aarch64"/> <releasetarget project="SUSE:Updates:SUSE-MicroOS:5.2:x86_64"/> <releasetarget project="SUSE:Updates:SUSE-MicroOS:5.2:s390x"/> <releasetarget project="SUSE:Updates:SUSE-MicroOS:5.2:aarch64"/> <releasetarget project="SUSE:Updates:SUSE-MicroOS:5.1:x86_64"/> <releasetarget project="SUSE:Updates:SUSE-MicroOS:5.1:s390x"/> <releasetarget project="SUSE:Updates:SUSE-MicroOS:5.1:aarch64"/> <releasetarget project="SUSE:Updates:SLE-Product-SLES_SAP:15-SP3:x86_64"/> <releasetarget project="SUSE:Updates:SLE-Product-SLES_SAP:15-SP3:ppc64le"/> <releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP3-LTSS:x86_64"/> <releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP3-LTSS:s390x"/> <releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP3-LTSS:ppc64le"/> <releasetarget project="SUSE:Updates:SLE-Product-SLES:15-SP3-LTSS:aarch64"/> <releasetarget project="SUSE:Updates:SLE-Product-HPC:15-SP3-LTSS:x86_64"/> <releasetarget project="SUSE:Updates:SLE-Product-HPC:15-SP3-LTSS:aarch64"/> <releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP3:x86_64"/> <releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP3:s390x"/> <releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP3:ppc64le"/> <releasetarget project="SUSE:Updates:SLE-Product-HA:15-SP3:aarch64"/> <releasetarget project="SUSE:Updates:SLE-Module-Development-Tools-OBS:15-SP6:x86_64"/> <releasetarget project="SUSE:Updates:SLE-Module-Development-Tools-OBS:15-SP6:aarch64"/> <releasetarget project="SUSE:SLE-15-SP3:Update"/> <summary>Security update for the Linux Kernel</summary> </patchinfo>
