Overview

File _patchinfo of Package patchinfo.37596

<patchinfo incident="37596">
  <issue id="1227371" tracker="bnc">VUL-0: CVE-2024-36974: kernel live patch: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP</issue>
  <issue id="1228585" tracker="bnc">VUL-0: CVE-2024-40956: kernel live patch: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list</issue>
  <issue id="1236783" tracker="bnc">VUL-0: CVE-2024-53104: kernel live patch: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format</issue>
  <issue id="2024-36974" tracker="cve" />
  <issue id="2024-40956" tracker="cve" />
  <issue id="2024-53104" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.3.18-150300_59_167 fixes several issues.

The following security issues were fixed:

- CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1228585).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1227371).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).
</description>
<summary>Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places