File _patchinfo of Package patchinfo.42709

<patchinfo incident="42709">
  <issue tracker="bnc" id="1249205">VUL-0: CVE-2025-38352: kernel live patch: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()</issue>
  <issue tracker="bnc" id="1249455">VUL-0: CVE-2025-38111: kernel live patch: net/mdiobus: Fix potential out-of-bounds read/write access</issue>
  <issue tracker="bnc" id="1249480">VUL-0: CVE-2025-39742: kernel live patch: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()</issue>
  <issue tracker="bnc" id="1253439">VUL-0: CVE-2025-40186: kernel live patch: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request().</issue>
  <issue tracker="bnc" id="1253473">VUL-0: CVE-2025-40129: kernel live patch: sunrpc: fix null pointer dereference on zero-length checksum</issue>
  <issue tracker="cve" id="2025-38111"/>
  <issue tracker="cve" id="2025-38352"/>
  <issue tracker="cve" id="2025-39742"/>
  <issue tracker="cve" id="2025-40129"/>
  <issue tracker="cve" id="2025-40186"/>
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <summary>Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP6)</summary>
  <description>
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.33 fixes various security issues

The following security issues were fixed:

- CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access (bsc#1249455).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1249205).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249480).
- CVE-2025-40129: sunrpc: fix null pointer dereference on zero-length checksum (bsc#1253473).
- CVE-2025-40186: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (bsc#1253439).
</description>
</patchinfo>