Overview

File _patchinfo of Package patchinfo.39963

<patchinfo incident="39963">
  <issue id="1245776" tracker="bnc">VUL-0: CVE-2025-37752: kernel live patch: net_sched: sch_sfq: move the limit validation</issue>
  <issue id="1245793" tracker="bnc">VUL-0: CVE-2025-37797: kernel live patch: net_sched: hfsc: Fix a UAF vulnerability in class handling</issue>
  <issue id="1245797" tracker="bnc">VUL-0: CVE-2025-21702: kernel live patch: pfifo_tail_enqueue: Drop new packet when sch-&gt;limit == 0</issue>
  <issue id="1245804" tracker="bnc">VUL-0: CVE-2024-53125: kernel live patch: bpf: sync_linked_regs() must preserve subreg_def</issue>
  <issue id="2024-53125" tracker="cve" />
  <issue id="2025-21702" tracker="cve" />
  <issue id="2025-37752" tracker="cve" />
  <issue id="2025-37797" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.14.21-150400_24_158 fixes several issues.

The following security issues were fixed:

- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1245804).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797).
</description>
<summary>Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places