Overview

File _patchinfo of Package patchinfo.32068

<patchinfo incident="32068">
  <issue id="1179610" tracker="bnc">VUL-0: CVE-2020-26558: kernel-source: Multiple Bluetooth Core Specification Vulnerabilities</issue>
  <issue id="1183045" tracker="bnc">mount command hangs on reserved scsi disk</issue>
  <issue id="1193285" tracker="bnc">[Build 67.2] io_pgetevents_time64 returns an event when max_nr == -1  (32bit  compatibility layer)</issue>
  <issue id="1211162" tracker="bnc">[ppc64le] kernel BUG at ../fs/nfs/pagelist.c:530! Oops: Exception in kernel mode, sig: 5 [#1]</issue>
  <issue id="1211226" tracker="bnc">Eliminate the need for 'OBS source links': convert to _multibuild</issue>
  <issue id="1212584" tracker="bnc">Missing SPI fixes for NVIDIA Grace platform</issue>
  <issue id="1214747" tracker="bnc">L3: SLES15 SP5: LUNs going into "failed" state is observed on &gt;1T with DIF enabled on array</issue>
  <issue id="1214823" tracker="bnc">SLE-15SP5 KOTD: Kernel warning in nfsd_file_cache_purge()</issue>
  <issue id="1215237" tracker="bnc">VUL-0: CVE-2020-26555: kernel-source-rt,kernel-source,kernel-source-azure,bluez: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of t</issue>
  <issue id="1215696" tracker="bnc">Bug in SNC when nr_cpus=&lt;fewer cpus than present&gt;</issue>
  <issue id="1215885" tracker="bnc">L3: clocksource / TSC found unstable after boot, possibly due to broken bios</issue>
  <issue id="1216057" tracker="bnc">SLES15SP5 - MPIO is waiting for stalled tur thread to finish</issue>
  <issue id="1216559" tracker="bnc">SLES 15 SP5 cannot boot with SEV SNP flags enabled for Amazon EC2 instances</issue>
  <issue id="1216776" tracker="bnc">L3: kvm - qla2xxx IO errors and aborts in the host cause multipath failed devices in the guest</issue>
  <issue id="1217036" tracker="bnc">[SLES 15 SP5] BUG: scheduling while atomic, occurring after a warning in ring_buffer_discard_commit()</issue>
  <issue id="1217217" tracker="bnc">L3: tsc: Marking TSC unstable due to clocksource watchdog</issue>
  <issue id="1217250" tracker="bnc">VUL-0: CVE-2023-6121: kernel-source,kernel-source-azure,kernel-source-rt: kernel: NVMe: info leak due to out-of-bounds read in nvmet_ctrl_find_get()</issue>
  <issue id="1217602" tracker="bnc">L3-Question: kernel crash while printing (module) symbols in OOM stack trace</issue>
  <issue id="1217692" tracker="bnc">frequent repeated nlmsvc_put_lockowner+0x6 panics — ref:_00D1igLOd._500Tr1SJiH:ref</issue>
  <issue id="1217790" tracker="bnc">Bug in SNC when nr_cpus=&lt;fewer cpus than present&gt;</issue>
  <issue id="1217801" tracker="bnc">PVT:1050:XM: CT: Suse Lpar not able to do ssh after Fatal EEH Injection using 4 port ethernet adapter ( 14E4 1657 1014 0420 ) on d153-linux2 lpar</issue>
  <issue id="1217933" tracker="bnc">KVM: s390: vsie: fix wrong VIR 37 when MSO is used</issue>
  <issue id="1217938" tracker="bnc">VUL-0: CVE-2023-6622: kernel: null pointer dereference vulnerability in nft_dynset_init()</issue>
  <issue id="1217946" tracker="bnc">VUL-0: CVE-2023-6610: kernel: OOB Access in smb2_dump_detail</issue>
  <issue id="1217947" tracker="bnc">VUL-0: CVE-2023-6606: kernel: Out-Of-Bounds Read vulnerability in smbCalcSize</issue>
  <issue id="1217980" tracker="bnc">ceph: fix incorrect revoked caps assert in ceph_fill_file_size()</issue>
  <issue id="1217981" tracker="bnc">libceph: use kernel_connect()</issue>
  <issue id="1217982" tracker="bnc">ceph: fix type promotion bug on 32bit systems</issue>
  <issue id="1218056" tracker="bnc">KVM: s390/mm: Properly reset no-dat</issue>
  <issue id="1218139" tracker="bnc">SLES 15 SP5 - SMC stats: Wrong bucket calculation for payload of exactly 4096 bytes</issue>
  <issue id="1218184" tracker="bnc">Eliminate the need for 'OBS source links': convert to _multibuild</issue>
  <issue id="1218234" tracker="bnc">Adjust insufficient default bpf_jit_limit (SLE Micro 5.4/Elemental)</issue>
  <issue id="1218253" tracker="bnc">VUL-0: CVE-2023-6932: kernel: use-after-free in IPv4 IGMP</issue>
  <issue id="1218258" tracker="bnc">VUL-0: CVE-2023-6931: kernel: heap out-of-bounds write in perf_read_group</issue>
  <issue id="1218335" tracker="bnc">VUL-0: CVE-2023-6546: kernel-source,kernel-source-azure,kernel-source-rt: GSM multiplexing race condition leads to privilege escalation</issue>
  <issue id="1218357" tracker="bnc">s390/vx: fix save/restore of fpu kernel context</issue>
  <issue id="1218447" tracker="bnc">VUL-0: CVE-2023-6531: kernel: GC's deletion of an SKB races with unix_stream_read_generic()  leading to UAF</issue>
  <issue id="1218515" tracker="bnc">mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors</issue>
  <issue id="1218559" tracker="bnc">VUL-0: CVE-2023-51779: kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg</issue>
  <issue id="1218569" tracker="bnc">SLE-15SP4 KOTD: Kernel warning in nfsd_file_cache_purge()</issue>
  <issue id="1218659" tracker="bnc">fuse: dax: set fc-&gt;dax to NULL in fuse_dax_conn_free()</issue>
  <issue id="2023-6531" tracker="cve" />
  <issue id="2023-6610" tracker="cve" />
  <issue id="2023-51779" tracker="cve" />
  <issue id="2020-26555" tracker="cve" />
  <issue id="2023-6606" tracker="cve" />
  <issue id="2023-6546" tracker="cve" />
  <issue id="2023-6931" tracker="cve" />
  <issue id="2023-6932" tracker="cve" />
  <issue id="2023-6622" tracker="cve" />
  <issue id="2023-6121" tracker="cve" />
  <issue id="PED-3459" tracker="jsc" />
  <issue id="PED-5021" tracker="jsc" />
  <issue id="PED-7322" tracker="jsc" />
  <category>security</category>
  <rating>important</rating>
  <packager>mfranc</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).
- CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information (bsc#1217946).
- CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218559).
- CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the Bluetooth subsystem that would allow replay attacks (bsc#1179610 bsc#1215237).
- CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving a malformed length from a server (bsc#1217947).
- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1218335).
- CVE-2023-6931: Fixed an out of bounds write in the Performance Events subsystem when adding a new event (bsc#1218258).
- CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query packet due to reference count mismanagement (bsc#1218253).
- CVE-2023-6622: Fixed a null pointer dereference vulnerability in nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service (bsc#1217938).
- CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted packet in the NVMe-oF/TCP subsystem (bsc#1217250).

The following non-security bugs were fixed:

- Reviewed and added more information to README.SUSE (jsc#PED-5021).
- Enabled multibuild for kernel packages (JSC-SLE#5501, boo#1211226, bsc#1218184).
- Drop drm/bridge lt9611uxc patches that have been reverted on stable trees
- KVM: s390/mm: Properly reset no-dat (bsc#1218056).
- KVM: s390: vsie: fix wrong VIR 37 when MSO is used (bsc#1217933).
- KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
- NFS: Fix O_DIRECT locking issues (bsc#1211162).
- NFS: Fix a few more clear_bit() instances that need release semantics (bsc#1211162).
- NFS: Fix a potential data corruption (bsc#1211162).
- NFS: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
- NFS: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
- NFS: More O_DIRECT accounting fixes for error paths (bsc#1211162).
- NFS: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
- NFS: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
- NLM: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
- Updated SPI patches for NVIDIA Grace enablement (bsc#1212584 jsc#PED-3459)
- block: fix revalidate performance regression (bsc#1216057).
- bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234).
- ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (bsc#1217980).
- ceph: fix type promotion bug on 32bit systems (bsc#1217982).
- clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885 bsc#1217217).
- clocksource: Enable TSC watchdog checking of HPET and PMTMR only when requested (bsc#1215885 bsc#1217217).
- clocksource: Handle negative skews in "skew is too large" messages (bsc#1215885 bsc#1217217).
- clocksource: Improve "skew is too large" messages (bsc#1215885 bsc#1217217).
- clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
- clocksource: Loosen clocksource watchdog constraints (bsc#1215885 bsc#1217217).
- clocksource: Print clocksource name when clocksource is tested unstable (bsc#1215885 bsc#1217217).
- clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885 bsc#1217217).
- dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
- fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
- libceph: use kernel_connect() (bsc#1217981).
- mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
- net/smc: Fix pos miscalculation in statistics (bsc#1218139).
- net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
- nfs: only issue commit in DIO codepath if we have uncommitted data (bsc#1211162).
- remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
- s390/vx: fix save/restore of fpu kernel context (bsc#1218357).
- scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix slot alignment checks (bsc#1216559).
- tracing: Disable preemption when using the filter buffer (bsc#1217036).
- tracing: Fix a possible race when disabling buffered events (bsc#1217036).
- tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
- tracing: Fix incomplete locking when disabling buffered events (bsc#1217036).
- tracing: Fix warning in trace_buffered_event_disable() (bsc#1217036).
- tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver() (bsc#1217036).
- uapi: propagate __struct_group() attributes to the container union (jsc#SLE-18978).
- vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
- x86/platform/uv: Use alternate source for socket to node data (bsc#1215696 bsc#1217790).
- x86/tsc: Add option to force frequency recalibration with HW timer (bsc#1215885 bsc#1217217).
- x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
- x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885 bsc#1217217).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places