File _patchinfo of Package patchinfo.37749

<patchinfo incident="37749">
  <issue id="1215420" tracker="bnc">VUL-0: CVE-2023-4244: kernel-source-rt,kernel-source-azure,kernel-source: netfilter: nf_tables UAF</issue>
  <issue id="1224700" tracker="bnc">VUL-0: CVE-2024-35949: kernel: btrfs: make sure that WRITTEN is set on all metadata blocks</issue>
  <issue id="1225742" tracker="bnc">VUL-0: CVE-2024-36905: kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets</issue>
  <issue id="1232919" tracker="bnc">VUL-0: CVE-2024-50115: kernel: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory</issue>
  <issue id="1234025" tracker="bnc">VUL-0: CVE-2024-53104: kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format</issue>
  <issue id="1234853" tracker="bnc">VUL-0: CVE-2024-53146: kernel: NFSD: prevent a potential integer overflow</issue>
  <issue id="1234891" tracker="bnc">VUL-0: CVE-2024-53173: kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open()</issue>
  <issue id="1234963" tracker="bnc">VUL-0: CVE-2024-56539: kernel: wifi: mwifiex: fix memcpy() field-spanning write warning in mwifiex_config_scan()</issue>
  <issue id="1235054" tracker="bnc">VUL-0: CVE-2024-53239: kernel: ALSA: 6fire: release resources at card release</issue>
  <issue id="1235061" tracker="bnc">VUL-0: CVE-2024-56605: kernel: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()</issue>
  <issue id="1235073" tracker="bnc">VUL-0: CVE-2024-56548: kernel: hfsplus: don't query the device logical block size multiple times</issue>
  <issue id="1236757" tracker="bnc">net: netvsc: Update default VMBus channels</issue>
  <issue id="1236761" tracker="bnc">net: mana: Add get_link and get_link_ksettings in ethtool</issue>
  <issue id="1236821" tracker="bnc">VUL-0: CVE-2023-52924: kernel: netfilter: nf_tables: don't skip expired elements during walk</issue>
  <issue id="1237139" tracker="bnc">VUL-0: CVE-2025-21699: kernel: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag</issue>
  <issue id="1238033" tracker="bnc">VUL-0: CVE-2022-49080: kernel: mm/mempolicy: fix mpol_new leak in shared_policy_replace</issue>
  <issue id="2022-49080" tracker="cve" />
  <issue id="2023-4244" tracker="cve" />
  <issue id="2023-52924" tracker="cve" />
  <issue id="2024-35949" tracker="cve" />
  <issue id="2024-50115" tracker="cve" />
  <issue id="2024-53104" tracker="cve" />
  <issue id="2024-53173" tracker="cve" />
  <issue id="2024-53239" tracker="cve" />
  <issue id="2024-56539" tracker="cve" />
  <issue id="2024-56548" tracker="cve" />
  <issue id="2024-56605" tracker="cve" />
  <issue id="2025-21699" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jdelvare</packager>
  <reboot_needed/>
  <description>
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238033).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (bsc#1237139).

The following non-security bugs were fixed:

- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: netvsc: Update default VMBus channels (bsc#1236757).
</description>
	<summary>Security update for the Linux Kernel</summary>
</patchinfo>