Overview

File _patchinfo of Package patchinfo.36605

<patchinfo incident="36605">
  <issue id="1225429" tracker="bnc">VUL-0: CVE-2021-47517: kernel live patch: ethtool: do not perform operations on net devices being unregistered</issue>
  <issue id="1227471" tracker="bnc">VUL-0: CVE-2021-47598: kernel live patch: sch_cake: do not call cake_destroy() from cake_init()</issue>
  <issue id="1228349" tracker="bnc">VUL-0: CVE-2024-40909: kernel live patch: bpf: Fix a potential use-after-free in bpf_link_free()</issue>
  <issue id="1228573" tracker="bnc">VUL-0: CVE-2024-41059: kernel live patch: hfsplus: fix uninit-value in copy_name</issue>
  <issue id="1228786" tracker="bnc">VUL-0: CVE-2024-40954: kernel live patch: net: do not leave a dangling sk pointer, when socket creation fails</issue>
  <issue id="1229273" tracker="bnc">VUL-0: CVE-2024-35949: kernel live patch: btrfs: make sure that WRITTEN is set on all metadata blocks</issue>
  <issue id="1229553" tracker="bnc">VUL-0: CVE-2024-43861: kernel live patch: net: usb: qmi_wwan: fix memory leak for not ip packets</issue>
  <issue id="2021-47517" tracker="cve" />
  <issue id="2021-47598" tracker="cve" />
  <issue id="2024-35949" tracker="cve" />
  <issue id="2024-40909" tracker="cve" />
  <issue id="2024-40954" tracker="cve" />
  <issue id="2024-41059" tracker="cve" />
  <issue id="2024-43861" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.14.21-150500_13_61 fixes several issues.

The following security issues were fixed:

- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).
</description>
<summary>Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places